cmdshell-clear

Just a simple note, as you may have noticed I've not posted lately. Those who know me personally will know there is good reason for this, but I am fine, and I will resume posting again in future. Sadly I can't tell you how long this will be as there are some complex things I must resolve first, and...

Posting? On Christmas Eve? What sort of a Scrooge operation is he running over there? Don't worry, I prep these well in advance, it's currently the start of November as I write this and by the time it goes live I'll likely be deep in festivities. If you're wondering about the title by the way, if yo...

So we left off last time with a non-working wrapper script... just can't get the staff these days... so obviously the first thing we want to do is make it work. In Python 3 it works fine the main issue is that when run with Python 2 it freaks out because it doesn't recognize the syntax, but we're al...

The Advent of Code should be active by now, and that's got me thinking about code, and how I haven't really covered it here at all. Now a quick warning, I don't intend to teach the basics of how to code here, I'm really not the right person to do that so I'm going to assume at least a reasonable l...

Following on from the previous two posts and from here things start to get tough, though it still remains easy from the context of wider scale security. Its just we're now going to be tackling much harder ciphers which is very much an entry level topic, and more historical than they are practical, b...

Okay so I left off last week with a broken image, a cryptic note, and some homework, lets see how we get on and solve this one. The first thing to do is we haven't looked at that image yet, it says its corrupted but you could name it anything, it could just as easily be another file hidden in an ima...

I've got one more for you here:

Obscurity

You've managed to get yourself into some of the internal emails passing around the system and it turns out this new guy is pretty on point security-wise. After learning of the horrendous state of their admin management he's begun a crusade to get it so...

Okay so here's another puzzle I built and released some time ago:

Notepad Security

So you've been able to get a foothold onto the network, but are having difficulty accessing the root accounts. With a bit of social engineering you've learned they're locked down using randomly generated passwor...

Remember, remember, the 5th of November, the gunpowder, treason and plot. I know of no reason why the gunpowder treason should ever be forgot.

So for this month I had lots of really cool topics I wanted to share with you, but every time I started writing I quickly realised that I'm not really an e...

Now if you look you'll see I wasn't able to achieve this with my Github. The reason is actually pretty similar to the above, Github Pages ask you to add a CNAME record your custom domain to username.github.io, when the traffic arrive it checks the domain of the request and presents that page. This m...

When you make a request to a website you make a HTTP request to that site, or at least, you used to. In the modern era nearly everything is HTTPS by default and that S is for SSL. This means the actual web traffic effectively passes through an encrypted tunnel between your browser and the website it...

Anyway, enough complaining. About the title, seems like no matter what you do in this field you're always opening another can of worms, building this site was no different. If you dig into the archive posts you'll see various pitfalls I fell into with previous iterations, but the machines and system...

Now here I'd like to address a pet peeve, while I am immensely grateful to those who've come before me that helped me understand how to complete some of these tasks, there's room for improvement. Sadly unless the person making the writeup is tied to the platform in some way, it is not uncommon for t...

If this is the latest blog post you are reading then congratulations, you have arrived on this site at the beginning! I have ported in some old posts from an earlier version of the site for posterity and labelled them archive. Hopefully by the time this page goes public the site should be something...

As you can no doubt see, I have a bit of a a theme going, well it's time to take a break. There's two reasons for this, firstly I've missed a few days, secondly though not unrelated is I've been rather busy. This is partly due to dropping back into study mode, but mostly because I've been investigat...

Where am I? As previously discuss I prefer to keep an air of anonymity, though quite a lot of people know where I'm from, and there are telltale indicators if you can trace my accent and internet traffic. Where in cyberspace is a completely other matter as it tells you very little about my phyical l...

When, it's a reasonable question, when do I plan to post here? Well so far it's been every night since I started the drive to begin blogging, but the goal is more like once a week, I mostly wanted to get in the habit of writing posts so I don't forget. As for when the replacement blog will be set up...

So, what is this, well, it's a technical blog, a place for all things computer related to be discussed and thoughts expressed. Now it probably seems a bit weird to stick this on a github repo, especially given I have plenty of experience running webservers. The reason is this is unlikely to be it's...

Who

So, the inevitable question, who am I? Well exactly you may never know, there are some that do but I prefer to keep an air of anonymity between the various things I do. However for you to trust my words and opinions there are things about me you can know without needing to know me personally.

As o...

Okay lets try an experimental new thing, a different kind of post with a new aim. I recently embarked upon an interesting endeavour, looking at new ideas as a means to secure a server. Having recently begun using Kali Linux for it's penetration testing tools I decided I could use a machine for build...