HackTheBox: Access

I should preface this by saying that this machine took me about 6 hours to complete overall. I went down a couple of rabbit holes I didn’t need to go down and the final solution was much simpler than I thought. My first step. Which is almost always the case when starting out on a…

HackTheBox Invite Code

The following is a writeup on the process used to get the invite code for HackTheBox. HackTheBox is a great website which contains pentesting labs to develop your security skillset. To create an account and gain access to the labs you first need to get an invite code and enter it into the URL https://www.hackthebox.eu/invite…

nMap Visualisation

Introduction I have written a quick and dirty Python script to visualise results from nMap and masscan. It works by parsing the XML log from a scan and generates a visual representation of the IP range that was scanned. The following screenshot is an example of the output: For lack of a better word I…

Memcache Scanner Interactions

On the 5th March 2018 the world's biggest DDoS attack was reported against a US-based service provider. The DDoS had a bandwidth of 1.7Tbps and was achieved using misconfigured Memcache servers. Memcached is a Linux daemon which caches data called from databases and allows subsequent database lookups to be pulled from the cache rather…

NTP Amplification Discovery

Introduction NTP amplification attacks are a form of DDoS which use NTP servers to turn small requests into large responses which can be directed to the victim's computer. NTP amplification makes use of the MONLIST command. The MONLIST command directs the NTP server to respond with the last 600 IP addresses which used the server….

VNC Authentication checking with Python

In this post I describe a small Python script which can be used to determine the type of authentication used on a VNC Server. It uses the Scapy packet manipulation program to perform all the network data transmissions and retrievals. The program may not be perfect, but with my limited testing it seemed to work…

Hacking the TalkTalk HUAWEI HG523a Router Part 2

For part 1 please Click Here. OK. So I have access to the router's busybox console. I found by typing the busybox command it displays all the commands available on the device. # busybox BusyBox vv1.9.1 (2012-03-05 00:16:52 CST) multi-call binary Copyright (C) 1998-2007 Erik Andersen, Rob Landley, Denys Vlasenko and others. Licensed under GPLv2….

Hacking the TalkTalk HUAWEI HG523a Router Part 1

I got my hands on a TalkTalk HUAWEI HG523a. This is one of the routers distributed to TalkTalk subscribers. This is my first attempt at doing any kind of embedded device analysis so I decided it would be beneficial to document the steps I take. As I progress I will write new posts detailing what…

Malware Analysis Part 2: First Attempt

Please read part 1 first if you would like to know how the analysis lab is set up. There are various sites you can use to download sample malicious software. The one I used is called openmalware.org. I wasn’t completely sure which sample to choose. I wanted one which was recent so I decided to…

Malware Analysis Part 1: Lab Setup

At this stage I know very little about the malware analysis process. I recently purchased a book on the subject called “Practical Malware Analysis” by Michael Sikorski and Andrew Honig. My aim is to read through the book and practice the techniques taught on real examples of malicious code. Updating this blog as I progress….