#hack100days Day39: Vacation! Reading chapter 7 of _Bug Bounty Bootcamp_. #infosec #cosocec
#hack100days Day40: Still vacationing. Read Chapter 8 of _Bug Bounty Bootcamp_. (Also watched _Dr. Strange and the Multiverse of Madness_.) #infosec #cososec #movienight
#hack100days Day41: Read chapter 9 of _Bug Bounty Bootcamp_. #infosec #cososec
#hack100days Day42: Read chapter 10 of _Bug Bounty Bootcamp_. #infosec #cososec
#hack100days Day43: Read chapters 11 & 12 of _Bug Bounty Bootcamp_. Tomorrow is travel day. #infosec #cososec
#hack100days Day44: Chapter 13 of _Bug Bounty Bootcamp_ done. #infosec #cososec
#hack100days Day45: Baseball Hall of Fame visited today and Chapter 14 of _Bug Bounty Bootcamp_ done. Going to need to do some more labs and walkthroughs of deserialization. Feels a bit like a dark art. #infosec #cososec #vacation
#hack100days Day46: “Home again, home again, jiggity jig.” Rock and Roll Hall of Fame and chapter 15 of _Bug Bounty Bootcamp_ done. Enjoying a jigger of Canadian whiskey to unwind.
#hack100days Day47: Read chapter 16 of _Bug Bounty Bootcamp_. #infosec #cososec
#hack100days Day48: Mixed it up today. Started watching https://www.youtube.com/watch?v=Llw2PAlXUoE, which led to a twitter/@Alh4zr3d livestream on https://www.twitch.tv/alh4zr3d, which then led me to twitter/@mttaggart and led me to https://www.youtube.com/taggarttech which has an API hacking video I want to watch next. #infosec #cososec
#hack100days Day49: Read chapters 17 and 18 of _Bug Bounty Bootcamp_. #infosec #cososec
#hack100days Day50: Watched some more of a stream with alh4zred. Shadowed someone on discord while they hacked on an android app. Got to see similarities between web apps and mobile apps. Also got to point out a ZAP feature, so I contributed a little bit! ;) #infosec #cososec
#hack100days Day51: Flippin' power outage. It's back on and the day isn't done. I've been enumerating htb/trick. Once service appears to be a dead end. Another service is not giving anything up easily. A third service is interesting, I'm not as well versed in its tech. Fortunately, there's metasploit for that. For now, anyways. #infosec #cososec #hackthebox
#hack100days Day52: Kept at htb/trick. Had to spend some time getting acquainted with how "Break" works in ZAP. Wanted to edit a page coming from the server. Didn't get the result I was hoping for. Got one more setting to try before ruling this approach out. #infosec #cososec
#hack100days Day52.1: Went to the forums for some hints. Revisited a service I thought was a dead end. Double-checked syntax and tried another potential configurable. Boom. Found another entry point. Now I'm starting to get some progress. ...and I'm leaving to go to a concert soon. Gotta unplug for a bit, every now and again! #infosec #cososec #floydcoverband
#hack100days Day53: Got creds from yesterday's scans. Explored the app, looking for escalation vector. Found limited LFI, so progress! #infosec #cososec #hackthebox
#hack100days Day54: Read another chapter, chapter 19, of _Bug Bounty Bootcamp_. #infosec #cososec
#hack100days Day55: More banging on trick.htb. Found a new potential entry point. Took a while to figure out how to find it, but didn't get terribly far on it before I had to pack it in. #infosec #cososec #hackthebox
#hack100days Day56: More cracking at trick.htb. Found a thing on an entry point, but I'm stuck turning it into something more useful. Tantalizing config on entry point two, but it isn't giving me any goods. #infosec #cososec #hackthebox #tryharder
#hack100days Day57: watched a live stream, Alh4zr3d breaks two k8s challenges on try hack me #infosec #cososec
#hack100days Day58: Read chapter 21 in _Bug Bounty Bootcamp_. Dangling CNAME is bad, m'kay? A deeper dive on sign-sign-on exploits is really going to be needed for effectiveness. #infosec #cososec
#hack100days Day59: Turns out I read chapter 20 yesterday and chapter 21 tonight. Duh. Saw a walk through yesterday that leveraged looking for .git on a web page. I haven’t done an analysis on that kind of information disclosure vuln, but I reckon it’s rare but damaging. Tomorrow, we read code. #infosec #cososec
#hack100days Day 60: Read chapter 22 of _Bug Bounty Bootcamp_. #infosec #cososec
#hack100days Day61: Finished _Bug Bounty Bootcamp_, skipped chapter 23 and read chapters 24 & 25. Tomorrow, back to #htb. #infosec #cososec
#hack100days Day62: Okay, I lied. Not HtB. Looked at an Offensive Security Proving Grounds-Playground box. Watched a live walk-through on the box. Also watched an Ippsec video re: LFI. #infosec #cososec
#hack100days Day63: Hack the Box Academy today. Worked on LFI module. #infosec #cososec
#hack100days Day64: Started a multiday CTF. Got three of the first five challenges presented and am sitting on 800/1000 points. Going to sit in on Alh4zr3d stream before making dinner and watching the Jan6 shennanigans. #infosec #cososec
#hack100days Day65: Looked at the CTF again. No new challenges. Did more enum on one of the remaining, but didn't make progress. Hit Offsec Proving Grounds Play and pwned "Dawn", so that helped recover some ego. #infosec #cososec
#hack100days Day66: Took a quick look at an Offsec Proving Grounds Play box. Found an LFI. Have a couple of users. Didn't find anything else terribly fun. Making a run at brute forcing a password. #infosec #cososec
#hack100days Day67: Hack the Box Academy, did the ffuf module. #infosec #cososec
#hack100days Day68: More work on Hack the Box Academy and on the ffuf module. Not making it through it as fast as I would like. Practice make perfect! #infosec #cososec
#hack100days Day69: More work on HtB Academy & ffuf. One more exercise to complete. Also kibbutzed on Al4zr3d stream while he walked through a couple of TryHackMe boxes. #infosec #cososec
#hack100days Day70: More work on HtB Academy & ffuf. Made some progress and then stalled. Looks like word list choice is finicky. Read this article and found it pretty interesting: https://blog.includesecurity.com/2022/07/hunting-for-mass-assignment-vulnerabilities-using-github-codesearch-and-grep-app/. Signed up for the beta of git CodeSearch. #infosec #cososec
#hack100days Day71: almost forgot to log it. Watched a stream. Hacked on a ctf. Figured out limited rce, but stumped on turning it into something really useful. It’ll be on tomorrow, so maybe a fresh look after sleep and coffee. #infosec #cososec #ctf
#hack100days Day72: Continued banging on ctf. Limited rce was sneaky rabbit hole. Found correct path to get shell. New one on me, so that was fun. Working on pivot point. This one's a little tougher. #infosec #cososec
#hack100days Day72.1: Update. I eventually figured the pivot—“pcap, or it didn’t happen!” Learned a bit more about Docker and worked on Wireshark skill. Ended up w/in top 10 and got a cyberrange voucher from the prize pool. I reckon there were between 50 and 100 people taking a crack at it. #infosec #cososec #hackinonthepatio
#hack100days Day73: Took a crack at today's release on HtB. Bunch of enumeration. Still poking around to find entry point. Not a webserver and I'm out of practice on anything but web servers, so this is good. Slow. But good. #infosec #cososec
#hack100days Day74: Found a user w/low priv on the HtB box--based on the hostname, I took a flyer at a username I thought would match. Was able to use it to enumerate some additional users. Now brute-forcing for passwords. No school like the old school. Really wish folks would use fasttrack.txt for password brute forcing. Fairly long list of users, so this will take a while. #infosec #cososec
#hack100days Day76: Listened in on a couple of twitch streams by Alh4zr3d and mmtaggart. Poked at a Winderz box on offsec proving grounds. #infosec #cososec #alwaysbeenumerating
#hack100days Day78: Went along with the Alh4zr3d stream on a PG Play box. Rated as hard. Got a bead on the foothold. Slowing down to make some notes. Make brain wrinkles and have something to come back to in the future--tags, MF! #infosec #cososec #tags #sqli #weakasspasswords
#hack100days Day 79: Didn’t make time to get hands on keyboard today. Started _Web Application Hacker's Handbook_ and got through first two chapters. While it’s 11 years old, still seems pretty relevant. #infosec #cososec #authn #authz #inputvalidation
#hack100days Day80: Read ch 3 of _Web Application Hacker’s Handbook_. #infosec #cososec (fixed unfortunate typo)
#hack100days Day81: Started Practical Web Application Security and Testing class from mttaggart #infosec #cososec
#hack100days Day82: Read ch 4 of _Web Application Hacker’s Handbook_. #infosec #cososec #enumallthethings
#hack100days Day83: Hands on keyboard today! Worked on a pair of TryHackMe boxes. One down pretty quickly. Some progress on the second. Using msfconsole and msfvenom on that one. Issue w/getting handler and payload to match. Don't use it a whole lot, so more googling than I like. #infosec #cososec
#hack100days Day83.1 Update: Finished 2nd box. Reset box and switched to meterpreter shell instead of trying to use command shell. Worked great. #infosec #cososec
#hack100days Day84: Poked at a box on another platform. Looks like BlueKeep is the way in, but metasploit module is for x64 and the target is x86. Found a PoC for x86, but I'm fighting python module dependencies. I need to get better at venv, I guess. Then the clock ran out, so I can't pick at it until tomorrow. #infosec #cososec
#hack100days Day85: Banged on academy.htb. Wordlists matter. Grr. #infosec #cososec
#hack100days Day85: D’oh. Forgot to record yesterday. Worked on HtB Blackfield. I’m really liking CrackMapExec. Refreshed the Impacket brain wrinkles. #infosec #cososec
#hack100days Day86: spent day off and on working on getting parrot and kali 2023 on hyper-v. Not an awesome experience.
#hack100days Day87: Revisited Ubuntu Multipass and toolbox to run impacket, etc. from. Poked at academy.htb #infosec #cososec
#hack100days Day89: Took a crack at an Offsec Proving Grounds box. Learned more how to deal with open proxies. (Wish I'd known how to do this a couple of years ago.) #infosec #cososec
#hack100days Day90: Took a crack at Hack the Box machine return. I love evil-winrm. Got user pretty quick. Working on priv esc. Should put it away tonight. #infosec #cososec
#hack100days Day91: Kept banging on 'return' off and on through the day. Some guidance, based on the results of whoami with priv flag, didn't work as expected. Spun up neo4j and bolt on my infra box for BloodHound. Listened in on mtaggart stream and learned a bit about Content-Security-Policy. #infosec #cososec
#hack100days Day92: Today was not as productive as the past two. Did get in some time on alh4zr3d’s stream as he worked on a Try Hack Me box. Couple of tools referenced there look interesting. #infosec #cososec
#hack100days Day93: No hands on keyboard hacking today. Read up on Active Directory to refresh and rebuild mental model of what it looks like on a network. #infosec #cososec
#hack100days Day94: Forgot to log yesterday’s activity. Worked on HtB Health with some folks. Worked on python scripting skills. #infosec #cososec
#hack100days Day95: Finished of HtB Health. Glad to have worked with a team. For an "easy" box, that felt far from it. Now to watch some web app hacking videos. #infosec #cososec
#hack100days Day77: I finished last night's target on Offsec PG Practice. Started in on a new one today. Bluekeep is a spooky vuln. Should be done w/that one soon. #infosec #cososec #patchyoshit