Write-up: Hack The Box – Rope Two

The machine Rope2 by r4j is probably (one of) the hardest boxes on HackTheBox.eu with only 104 system owns after 202 days. The theme of the box is more or less “research”, since it requires (gaining) knowledge in many different fields: Browser Exploitation, esoteric Heap Feng-Shui, and finally Linux Kernel Exploitation. For me, all 3 fields were pretty new and thus I had a lot to learn (over the course of almost exactly 3 months).

Continue reading “Write-up: Hack The Box – Rope Two”

Write-up: Hackvent 2019

Like the past few years, the HackingLab Team provided the white-hat hacking competition Hackvent in the form of a advent calendar. From December 1st to 24th , each day, a new challenge was released that has to be solved in-time for scoring full points. Like the past years, challenges were provided from various community members.

Continue reading “Write-up: Hackvent 2019”

ARM-X Challenge: Breaking the webs

At the beginning of November, @therealsaumil announced “a brand new IP camera CTF challenge” on Twitter:

Continue reading “ARM-X Challenge: Breaking the webs”

Writeup: KringleCon 2018

The annual Holiday Hack Challenge by SANS and the Counterhack team takes place during Christmas time and is always entertaining and great for learning a new trick (or two). This year, the challenge was organized as an online conference, called KringleCon: https://holidayhackchallenge.com/2018/ with great talks and a well thought-out story.

Continue reading “Writeup: KringleCon 2018”

Wammer – WiFi jamming made easy

Latest posts by rdo (see all)

Since years the IEEE 802.11 WiFi protocol has a well-known design flaw which allows attackers to disconnected clients from the WiFi access point they’re connected to.

All he has to do, is to send “dauthentication frames” to the WiFi access point. Because the IEEE 802.11 WiFi standard doesn’t require encryption for such frames, an attacker is able to perform the attack even though he isn’t connected with that access point. Continue reading “Wammer – WiFi jamming made easy”

Bypass Kiosk Mode with Libre/Open Office

Given you have restricted access to a computer and can only open certain programs. Usually this is caused by the Kiosk Mode that has a white list which contains only trusted programs. Libre/Open Office is a widely used/unlocked program on such Kiosk Modes. Some vendors unlock the whole Libre/Open Office folder: “C:\Program Files\LibreOffice 5\program” or “C:\Program Files (x86)\OpenOffice 4\program” including all other binary files. Python version 3.5.4 (Libre Office) / 2.7.13 (Open Office) is automatically included in the default installation of Libre/Open Office. Now a user can create a Libre/Open Office macro to run a python shell: Continue reading “Bypass Kiosk Mode with Libre/Open Office”

Chrome Information Leakage – Prediction Service & Preload

Last year in February, I found a vulnerability at google chrome and submitted it(Bug Report). So far nothing has happened and now the vulnerability  has been published on twitter: https://twitter.com/zerosum0x0/status/958890437837692928 Continue reading “Chrome Information Leakage – Prediction Service & Preload”