Skip to main content

Posts

Showing posts from June, 2019

Basic Pentesting Vulnhub Write Up (day 16)

Lets get back to basic. In this post, i will explain to you how to owned vulnhub machine (Basic Pentesting) link: Download the Machine Background Challenge:  This is a small boot2root VM I created for my university’s cyber security group. It contains multiple remote vulnerabilities and multiple privilege escalation vectors . I did all of my testing for this VM on VirtualBox, so that’s the recommended platform. I have been informed that it also works with VMware, but I haven’t tested this personally. This VM is specifically intended for newcomers to penetration testing. If you’re a beginner, you should hopefully find the difficulty of the VM to be just right. Your goal is to remotely attack the VM and gain root privileges. Once you’ve finished, try to find other vectors you might have missed! If you enjoyed the VM or have questions, feel free to contact me at: josiah@vt.edu If you finished the VM, please also consider posting a writeup! Writeups help you internalize ...

Finishing cryptography challenge (Matasano) with Kotlin part 1 (day 15)

Cryptography has always been a critical area in computer security, it provides confidentiality and integrity in critical infrastructures such as e-commerce and bank. Thus, learning how to test the implementation will be a valuable experience to all of the security practitioners. So, in this opportunity, I would like to challenge myself to learn about cryptography and cryptanalysis with the help of Kotlin. Where the hell do I found an adequate resource to learn cryptography? First of all, there are lots of books to teach you about cryptography and cryptanalysis. Many people recommend reading the Bruce Schneier "Applied Cryptography" but if you like me who will be become drowsy after reading a couple of sentences in a book I suggest you try this website which is  https://cryptopals.com , it is a website that contains 8 sets of challenges about the demonstration of real-world attack in cryptography so most of the time you will learn more about cryptanalysis rather tha...