April 29, 2022

Proving Grounds DC4 Writeup

DC-4 is the fourth machine in the DC series on Vulnhub and the third available in OffSec’s Proving Grounds Play. S1ren did a live stream on twitch.tv explaining this machine and the recording is on YouTube. If you are looking for DC3, I will be uploading a post later. Currently I host my target on VMware machines and DC3 was not working well. I plan on switching to virtualbox with a different computer soon.

April 8, 2022

Proving Grounds DC2 Writeup

DC-2 is the second machine in the DC series on Vulnhub. In my DC-1 writeup I mentioned S1ren’s walkthrough streams on Twitch.tv and how the videos are recorded on Youtube. S1ren’s DC-2 walkthrough is in the same playlist. Something new as of creating this writeup is that Offensive Security is now offering some of the DC machines on the Proving Grounds. The Proving Grounds offers a free option for anyone to sign up and get 3 hours per day of access to any machine in their “Play” tier.

April 5, 2022

Vulnhub DC1 Writeup

S1ren from Offensive Security has taken on the task of regularly streaming Vulnhub machines on Twitch.tv at OffSecOfficial. She is hacking one machine a week from Vulnhub and bringing her viewers along for an interactive experience. Viewers can comment during the stream to suggest things to enumerate, exploit, or take note of as well as ask any questions. I’ve started to attempt the machines each week and record notes as I go.

March 17, 2022

Hello Hugo, Goodbye WordPress

One of my goals for 2022 is to blog more frequently. I used to try and get a post out weekly when this blog was originally a college project. Weekly turned into monthly posts as my content got more technical and my career took off. Last year I posted once. Now that ends! I’m kicking off this revival with a site refresh. HackerUnderDev is moving away from a WordPress site running on a DigitalOcean droplet for a Hugo site running on Netlify.

June 13, 2021

Proving Grounds My-CMSMS Writeup

Full disclosure: I am an Offensive Security employee. This My-CMSMS walkthrough is a summary of what I did and learned. Friends from #misec and I completed this challenge together. No company restricted resources were used. Creating walkthroughs for Proving Grounds (PG) Play machines is allowed for anyone to publish. However, PG Practice machines from the paid tier, are not permitted to have public walkthroughs posted. On June 11th, @InfosecAli and I signed into Proving Grounds and booted up an intermediate PG play machine called My-CMSMS.

October 24, 2020

Hack your way to financial freedom

There is no get rich quick schemes to maximize your finances. Hacking is not cyber crime. If you think this post is going to be 5 steps to become a millionaire or advice on how to steal money, you’re wrong. This is a collection of advice I’ve picked up in recent years and suggest you follow. I will also admit that I have been blessed. My family is not poor, I grew up in a good area and received a strong education.

July 9, 2020

HackTheBox Sauna Writeup

Sauna is another “easy” Windows machine on HackTheBox. However I definitely fell down my fair share of rabbit holes on this one. There’s a static website hosted here, so I thought it’d start with a web shell. However, this box turned out to to be entire about domains and LDAP. Which I have very little experience with to date. While this blog may sound like a straight path, it’s well edited to be stream lined.

July 6, 2020

Walkthrough Decryption Instructions

4/9/2022 Update: After migrating from WordPress to Hugo, I do not have the ability to password protect blog posts. All content will be public and because of that these decryption instructions are no longer worthwhile for https://hackerunder.dev. I will not be posting content that requires password protection. For example, I previously shared unretired hackthebox machine walkthroughs but required hashes as the password for the post. This decryption method was copied from 0xPrashant and his own blog.

July 4, 2020

HackTheBox Remote Writeup

Remote was a fun windows box to hack. This is my second active target on HTB. My first was Traceback. Check that out for a similar web based exercise on Linux. Remote starts with a web vulnerability but requires finding credentials in a public share. DLL Hijacking is required to get a system shell. Lessons learned: Mounting a public windows share Exploit modifications – changing python code for a web exploit DLL Hijacking for privilege escalation Information gathering An initial nmap scan reveals some listening services.

May 3, 2020

HackTheBox Traceback Write-up

Thanks to a zoom call with members of PA Hackers. I fully exploited my first active HTB machine where I got points for my effort. To celebrate getting root, here’s my write-up. I learned quite a lot with this machine. It introduced me to new PHP web shells and message of the day (motd) privilege escalation. Lessons Learned Open Source INTelligence (OSINT) refresher with Google and Github PHP web shell alternatives to php-reverse-shell.