Full disclosure: This is my notes from watching Plantplants, a student mentor at OffSec, on a Twitch live stream. The video will be reposted to OffSec’s youtube soon. Setup After launching the targe machine on the OffSec portal, set a local zsh environment variable to the target IP export IP=10.0.0.2 The variable can then be used in future commands. Recon Plantplants mentioned he liked to do manual enumeration while the all port scan ran in the background.

This website started out as a college project in 2015 to learn about content creation, SEO, and websites. The domain has changed a few times and so has the layout, but the core purpose has always been the same. It is important to be able to articulate, summarize, and present while learning a new topic. Blogging has allowed me to share about my professional development and community involvement. As a decade approaches, my focus is shifting to include guest authors, cross posts, and more in order to bring in those with a similar passion.

Bsides Harrisburg was on March 11, 2023. This was the first conference for two attendees and below are their own stories. I hope this inspires you to check out a local conference or consider traveling for a Bsides event. Ron I am a Cloud Network Engineer, and part of my responsibility is to ensure the cloud environment I help manage is secure and follows recent cloud security best practices. Before working in the cloud, I was a route/switch guy.

Bsides Harrisburg was on March 11, 2023. Our first post-covid Bsides conference in central Pennsylvania under new organizers. A small team of local security professionals gathered together to collect funding, invite speakers, and attract attendees. I was privileged to be one of the organizers and act as a treasurer, ensuring that we had the required funding to cover what we wanted to include. Here is my summary of planning the event and how I thought the event went.

When I first joined the infosec community back in 2015, I was able to attend some local meetups but one of my highlights for the year was volunteering at GrrCON. GrrCON is a conference in Grand Rapids, MI where the local airport abbreviation is GRR. This conference, it’s staff, speakers, and environment shaped me to be the hacker I am today. In October, I returned for another chance to help out and give back to the community that has given me so much.

DC-4 is the fourth machine in the DC series on Vulnhub and the third available in OffSec’s Proving Grounds Play. S1ren did a live stream on twitch.tv explaining this machine and the recording is on YouTube. If you are looking for DC3, I will be uploading a post later. Currently I host my target on VMware machines and DC3 was not working well. I plan on switching to virtualbox with a different computer soon.

DC-2 is the second machine in the DC series on Vulnhub. In my DC-1 writeup I mentioned S1ren’s walkthrough streams on Twitch.tv and how the videos are recorded on Youtube. S1ren’s DC-2 walkthrough is in the same playlist. Something new as of creating this writeup is that Offensive Security is now offering some of the DC machines on the Proving Grounds. The Proving Grounds offers a free option for anyone to sign up and get 3 hours per day of access to any machine in their “Play” tier.

S1ren from Offensive Security has taken on the task of regularly streaming Vulnhub machines on Twitch.tv at OffSecOfficial. She is hacking one machine a week from Vulnhub and bringing her viewers along for an interactive experience. Viewers can comment during the stream to suggest things to enumerate, exploit, or take note of as well as ask any questions. I’ve started to attempt the machines each week and record notes as I go.

Full disclosure: I am an Offensive Security employee. This My-CMSMS walkthrough is a summary of what I did and learned. Friends from #misec and I completed this challenge together. No company restricted resources were used. Creating walkthroughs for Proving Grounds (PG) Play machines is allowed for anyone to publish. However, PG Practice machines from the paid tier, are not permitted to have public walkthroughs posted. On June 11th, @InfosecAli and I signed into Proving Grounds and booted up an intermediate PG play machine called My-CMSMS.

Sauna is another “easy” Windows machine on HackTheBox. However I definitely fell down my fair share of rabbit holes on this one. There’s a static website hosted here, so I thought it’d start with a web shell. However, this box turned out to to be entire about domains and LDAP. Which I have very little experience with to date. While this blog may sound like a straight path, it’s well edited to be stream lined.

Remote was a fun windows box to hack. This is my second active target on HTB. My first was Traceback. Check that out for a similar web based exercise on Linux. Remote starts with a web vulnerability but requires finding credentials in a public share. DLL Hijacking is required to get a system shell. Lessons learned: Mounting a public windows share Exploit modifications – changing python code for a web exploit DLL Hijacking for privilege escalation Information gathering An initial nmap scan reveals some listening services.

Thanks to a zoom call with members of PA Hackers. I fully exploited my first active HTB machine where I got points for my effort. To celebrate getting root, here’s my write-up. I learned quite a lot with this machine. It introduced me to new PHP web shells and message of the day (motd) privilege escalation. Lessons Learned Open Source INTelligence (OSINT) refresher with Google and Github PHP web shell alternatives to php-reverse-shell.

In this hour long podcast episode, I reviewed a lot of what I have done and what my current projects are. For this year, my goals are to get the OSCP and find a position at Offensive Security that is in the information security realm instead of development. Apart from studying, I’m also trying to help the Kali team with getting official cloud versions available on AWS and Azure with each new Kali release.

On Wednesday April 10th, Misec Lasning held a panel to discuss getting into infosec. Four members of the infosec community shared their stories and advice. I was honored to be on the panel with three others; Kyle Andrus, Melissa Terwilliger, and Brian Martinez. Check out the recorded presentation below to see everyone’s answers! Transitioning from other disciplines to infosec, how should it be done? There is no wrong way to get into infosec.

This year was my fourth attempt at the RuCTFe competition. I was leading the #misec team this year along with some smart and talented people. For those who are unaware. The RuCTFe is a Russian capture the flag event, held online and open to everyone around the world. This year’s event was in November and it was my first time leading the team. The CTF is an active “red vs blue” game, where each team is given a server of vulnerable applications.

Converge 2018 and Bsides Detroit was May 10-12. 3 days of infosec talks, workshops and challenges. I volunteered this year and had an amazing time (as I usually do at conferences). In case you missed out on the fun or are looking to catch up, check out Irongeek’s website for the recorded talks. Converge is a smaller conference if you’re used to hearing about Conferences like Shmoocon, DerbyCon, and Defcon. However we still manage to fill three days with awesome content.

A lot of people ask “How do I get into infosec?” but that is a tough question to answer. There is not one path to follow and there is not one destination either. However if you ask anyone who’s already in the position you’re searching for. A common theme arises, that is years of experience or thousands of dollars for training. Until you’re able to join a company to pay for that training.

GrrCON 2017, the seventh year and my third time attending. I volunteered again this year because it is a lot more involved than being a regular attendee. I’ve been to other conferences where volunteering burns you out. GrrCON is the only con where I could be in the middle of one job and ask “What more can I do to help?”. The 2017 Difference GrrCON hasn’t changed much since I have started coming to it.

May 11-12th was the Converge conference. If you’re in Michigan and are curious about information security, then I suggest you look at attending next year. For those that missed this year, Irongeek recorded all the talks and posted them online for you! Watch some of the talks and then put an alert on your phone to buy tickets for next year. Converge is a great conference. I’ll admit I’m partial because it’s in my backyard.

At the #misec meeting I attended in mid April there was a panel on building a infosec community… so I’m borrowing their title for a post and giving my two cents in order to spread the topic! I won’t give a huge synopsis of who said what like I did in my last post about a #misec panel. Instead, please watch #misec’s video on youtube if you’re interested in what was shared.

Shmoocon is a hacker conference in Washington DC. I’ve been interested in going since 2015 but this is the first year I’ve been able to make it out. The conference was really hard to get into. Not because it’s expensive or that it’s hard to get to DC, but because the process to get my ticket was a unique challenge in itself. It required me to rely on good friends, new skills, and a whole lot of luck.

Some time last year, I wrote a post about setting up an IRC client on my VM. The idea was that since it’s always online, I’d always have the chat history for the #misec IRC channel. That way I’d never miss a mention or interesting conversation. Since then, a lot has changed and I don’t connect to that machine as much as I used to. I had to restart it a few times so the “always online” theory quickly fizzled out as well.

October 6th & 7th was GrrCON. For those that don’t know, it is a security conference in Grand Rapids, Michigan. 2015 was the first year I started going to conferences and GrrCON was my first. That year I volunteered because it’s really hard for poor students to pay their way for the fun stuff. This year, I have a job that actually pays for me to go and learn about security.

April 26th was when I booked my flights to and from Las Vegas for hacker summer camp. I had no idea what was in store for me. The plan was to attend some conferences with Amanda Berlin, who had offered to to let me stay with her. Originally I did not plan to go at all. Although after discussing with her, I really only had one option left. I was walking into one of the best hacker experiences I’ve had to date.

Hey guys, I know it’s been a while since I posted. Thank you for coming back to read more. I hope you find these interesting. This post is a follow up of my SecOps experience at Circle City Con. I learned a lot and am looking forward to doing it again. The Conference Circle City Con is a annual security conference in Indianapolis. This year’s theme was Game of Pwns. The theme added a fun aspect to the usual conference atmosphere.

On Saturday, May 21st. The first career panel in #Misec history was held. Put on by the brave @chaoticflaws, @vajkat, and @ZenM0de, it was highly successful. The panel included @jwgoerlich, @jeremynielson, @jim_beechy, @D0Xt0rZ3r0, and a infosec recruiter from @TEKsystems (Sorry, I didn’t get his contact info). It was five glorious hours of Q/A related to getting a head start in infosec and what really matters in the field. Here’s a recap of what was discussed from the panel.

Hello everyone, thanks for looking at my last post about OverTheWire: Bandit. Since my traffic is about x10 my average consistently for the last four days, I wanted to write a follow up post about the next wargame offered by OverTheWire, Leviathan. All over the exercises, they say to not post walkthroughs or writeups, so I won’t. I will do my best to promote the project without giving away the important stuff.

Hey everyone, this post about Bandit is NOT a walkthrough of the greatest (only) “learn bash hacking” programs I’ve completed. This is NOT going to give you an advantage if you’re looking for cheat codes. This post will hopefully make you click on OverTheWire and want to try it out for yourself. Why you should try Bandit Do you work with Linux, bash shells, scripts, or ever have to deal with the command line?

When a lot of people hear about hacking, they imagine a guy in a hoodie at a computer late at night. That’s not always the case, social engineering is a big part of the picture. This last weekend I went to Bsides Indy, and the keynote was about communicating with management about security. He gave a few examples about breaking into some of the most secure places… because of human error.

Hi everyone, last night I gave a lightning talk at Misec Jackson. It was a quick 15 minute summary of my last blog post on TLS. I summed everything up into 12 slides and threw in some last minute images to make it look better than just bullet points on bullet points. Other lightning talks from the night I wasn’t the only talk that night, there was a talk on IPv6 that was pretty insightful.

Tuesday December 8th was the last meeting of the semester for Spartan Hackers and I gave the presentation. A group of students at Michigan State University who go to hackathons and want to learn more about computer science. Each week we have workshops to introduce new things to our members, topics vary from “Intro to HTML” to “Web Scraping”. The original idea was to have a security company come in and talk with us, but that fell through at the last minute.

** Disclaimer: While this post is about security; it’s also doubling as my homework for MI 201 at Michigan State University ** Creative Breakthroughs, Inc. or CBI is a IT risk management company that was founded in 1991. Their motto is to keep data “secure, compliant and available”. They work with other companies to train them, review their security policies, and more. CBI has their own website with a blog and CBI is also on Facebook, Twitter, and LinkedIn.

I know there is a lot of different people reading this post; mentors, coworkers, students, friends and family. So I’ll be as thorough as possible to cover all the bases. Mainly because I’m very excited about all of this and I want to write down all of the details before it gets too late. (Feel free to skip a paragraph if it gets too boring) what’s ruCTFe? First off, it is capture the flag!

If you’re interested in hacking, information security or even the word cyber. Then you probably are scanning the the internet for things to learn. I want to get as much information as possible, and cons are a great way to listen to some awesome presenters. But how am I going to listen to every talk when there’s three going on at the same time? And on top of that, isn’t cons about networking and connecting with others as well?

Who’s been to a Security Conference before? I’m finally able to include myself in that group and I’m really exited about that. A conference is all about meeting others in infosec, learning a lot from talks and workshops, trying your hand at capture the flags (CTFs) or lock picking, networking and most importantly having a great time. Not only did I get to go to my first con, I got to volunteer at GrrCON!

Yesterday, I was at Arbsec’s a2y.asm “(as in Ann Arbor / Ypsilanti assembly) [which] is a mini-conference aimed at showcasing presentations on hacking and computer security-related topics by practitioners, researchers, etc. in/around the greater Ann Arbor area.” It’s a small, local, group of Michigan infosec people and it was a lot of fun. The venue was Bona Sera, a nice bar with a basement level big enough for all of our activities.

I’ve posted before about chatting on #misec IRC and how it’s a great group of people. Well now it’s also the place where I’ve found my first infosec mentor! Jimmy Vo is a security researcher at rapid7 and is teaching me the basics of information security. We are meeting online at least every other week and talking about a large range of things from current security events, best practices, and tool walk throughs (like metasploit), as well as career prep and how to survive in this industry.

First meeting at #MiSec and I missed it! Right as I was about to leave, there was a knock at my door. Impromptu Comcast employees trying to save us a couple hundred dollars. Of course by the time they were done installing free cable, it was already 7:05 and it would take 30 minutes to drive to the meeting… So I watched the live stream on youtube and wrote comments on IRC.

A couple weeks ago I was volunteering at Spartahack, a awesome new hackathon hosted at MSU. One of the guest celebrity judges was Jay Freeman a.k.a. Saurik. If you have ever jailbroken your apple device, you should be thanking Jay because he’s the creator of the jailbroke app store called Cydia. He had a talk at the hackathon where he explained approximately 10 bugs used in apple and andriod phones in the last decade that was found by reverse engineering code.

When people say “I want to be a Hacker” a lot of people don’t know where to start. Google is a good option but there’s a lot of dead ends, if you try to find “How to hack my friend’s Facebook account” you’re more likely to find a way to get a virus then to actually find a way to get into Facebook. Step 1 to becoming a Hacker: Find communities both online and local.

Who’s excited for the next Chris Hemsworth movie coming out Friday January 16th?!? He’s trading in his hammer for a laptop in this up and coming action packed thriller. Now, granted, anyone who calls themselves a hacker would cringe to call Hemsworth a “black hat hacker”. But there’s one thing I love about movies like this one. It opens your minds to the endless wonders of what hacking can do.