Linux is everywhere. Although that is a really obvious statement, it hits home when you realise that there are a small number of people who learn to properly use this wonderful open source environment, and even less so is the amount of people who focus on Linux and then branch out into security considerations and making software to secure and harden this lovely operating system.

With this article I want to provide a small journey for those starting out and want to be part of that small group. Overall the content of this post will follow the format and inspiration of the LPIC-Linux Essentials Topic 5. Security and File Permissions. The two key areas we will look at are: -All Linux Machines have users- Users in Linux and User Administration; and -Everything is a file- File Permissions and Management of Access.

…

Hey all, Happy New Year 🍾🍾🍾 I hope everything has been going well for you all. 2022 looks like it is shaping up to be an amazing year for cybersecurity, from trends in people adopting blockchain technologies and buzzwords, to an ever-growing threat of supplychain-related vulnerabilites on software (One only need look at Log4J). With such complexity it is nice to sometimes have a casual box to tinker away at. That casual box is Bountyhunter.This box can be found here

…

After a brief hiatus due to a few changes that have been going around. I would like to introduce another walkthrough for a basic machine, Archangel. This box can be found here

We can start this box by setting up our VPN (or attack box) and making sure the box is online by pinging the provided IP. Then, we add the machine IP (10.10.88.100) to the /etc/hosts files so it is easier to mention the IP when using tools, we add it as “archangel.thm”.

…

The following is a walkthrough for a basic machine that aims to educate beginners on proper enumeration and usage of a CVE to perform an authenticated Remote Code Execution (RCE) vulnerability to get a root shell on the server. Once root is obtained on a box there are a number of post exploitation activities seldom explored passed ‘popping the box’, however this is best let for another post for another day.

…

Have you heard about the Practical Network Penetration Tester (PNPT) certification by TCM Security? If you haven’t then it’s definitely worth looking into due to it’s fantastic price point and excellent dedication to being a fair, realistic challenge to test External and Internal Penetration Testing techniques. There are lengthier posts around the PNPT which I will post at the end, however this is designed to be a quick and to the point entry around what you should know around what it is, my own story, and recommendations to take and pass the exam.

…

Username enumeration is very much undervalued as a risk. For most people they see this as little more than knowing a handle or a profile name.

So what if they have my email address to login? They don’t have my password so I’m safe.

Although it is true that username enumeration is not ‘be all, end all’ of an attack, it is certainly a core step in the Cyber Killchain For more information on the Lockheed Martin Cyber Killchain, click here. Once a full list of usernames on the system is enumerated, an attacker can go on to perform other attacks such as:

…

As with all good identification of poor application security, the devil is in the details (unless of course the security issues derives from poor design or logic, which in that case the devil is already there to stay and there is little you can do except burn the application). Without digressing too much however, we will look at an interesting but potentially costly vulnerability in PHP development commonly seen where equals comparisons are used instead of the more appropriate strict comparison, to which a PHP variable type juggling vulnerability can propogate leading to potential login bypass and breaking logic of search and comparison functions that exist in the application being examined.

…

The purpose of this blog is to revamp and start up again a blog in order to improve my understanding of security while at the same time improving my knowledge of the art of security.

Much like the words of the great philosopher Carl “CJ” Johnson of San Andreas, we are indeed… Going again:

I chose Jekyll Now because of a few reasons:

• Jekyll was recommended ages ago
• Easier to setup than standard Jekyll
• I take notes with Obsidian, therefore the more Markdown I can consume and use the better.

The reason why it is on Github Pages:

…