Donald Ashdown
Cyber Defenders - Malware Traffic Analysis 1
The attached PCAP belongs to an Exploitation Kit infection. Analyze it using your favorite tool and answer the challenge questions....
top of page
Search
Donald Ashdown
- Apr 23, 2022
Hack the Box - BackDoor
Work flow Summary Another easy machine that required several twists and turn along the way to root. Starting off with a narrow attack...
Donald Ashdown
- Apr 13, 2022
CyberDefenders - HawkEye - PCap Forensics
Scenario: An accountant at your organization received an email regarding an invoice with a download link. Suspicious network traffic was obs
Donald Ashdown
- Apr 9, 2022
Hack the Box - Devzat
Docker, API, CVE, RCE, Golang, Source Code Review, Git abuse, LFI, cmd injection.
Donald Ashdown
- Mar 21, 2022
Hack the Box - Driver
SCP File injection, MITM - Responder, NTLM, evil-winrm, printer nightmare.
Donald Ashdown
- Feb 21, 2022
Hack the Box - Horizontall
Linux, CMS Exploit, Strapi, Laravel, Outdated Software, CVE, Injection, RCE, Account Misconfiguration, Port forwarding (ssh),
Donald Ashdown
- Feb 9, 2022
SANS KringleCon Challenge 7
Printer nightmare exploitation by hand!
Donald Ashdown
- Feb 5, 2022
SANS KringleCon Objective 6
All about assembly language!
Donald Ashdown
- Feb 5, 2022
Hack the Box Celestial
De-serialization vulnerability, and eval statement abuse.
Donald Ashdown
- Jan 29, 2022
SANS KringleCon Objective 6 Terminal
Objective Challenge This is a super cool challenge where we have to talk to Chimney Scissorsticks in the netwars area for our Objective 6...
Donald Ashdown
- Jan 29, 2022
SANS KringleCon Objective 5
Objective Challenge This was a neat challenge that taught us about the rubber ducky USB device. The work flow for this challenge is to...
Donald Ashdown
- Jan 23, 2022
Hack the Box - Writer
SQL Injection, Hydra SSH BF, Post fix disclaimer, Cron - apt.confd
Donald Ashdown
- Jan 14, 2022
SANS KringleCon - Objective 5 Terminal
Objective Challenge In this challenge, we are tasked with a terminal challenge in order to receive hints for Objective 5. This challenge...
Donald Ashdown
- Jan 11, 2022
Hack the Box - Previse
Engagement flow Summary This was a really cool machine that started off with web enumeration, leading to a login bypass in which we had...
Donald Ashdown
- Jan 8, 2022
SANS KringleCon Objective 4
Objective Challenge In this challenge we are tasked with taking our total coin count above 1000 and this will result in Jack Frosts...
Donald Ashdown
- Jan 8, 2022
SANS KringleCon Terminal Objective 4
Objective Challenge In this challenge, we are tasked with solving a fun bit wise operator challenge, in order to receive the hint, and...
Donald Ashdown
- Jan 8, 2022
Sans KringleCon - Objective 3 - Terminal
Greasy GopherGuts needs our help with grepping through some nmap results and invites us to activate the terminal. 1. What port does...
Donald Ashdown
- Jan 8, 2022
SANS - KringleCon Objective 3
Objective Challenge This is really cool challenge that we never expected. I recall in previous KringleCon challenges we were also...
Donald Ashdown
- Jan 8, 2022
Sans KringleCon - Objective 2
Objective Challenge This challenge is pretty straight forwards and just invites us to look around the castle and get familiar with lay of...
Donald Ashdown
- Jan 8, 2022
SANS KringleCon Objective 2 Terminal
Objective Challenge We speak with Piney Sappington to kick things off as the pre-curser to objective 2. He goes on to explain that our...
Donald Ashdown
- Jan 8, 2022
Sans KringleCon - Intro Objective 1
Welcome to the SANS Kringlecon 2021 holiday hack challenge. We start off here in a little courtyard outside of KringleCon where we are...
Donald Ashdown
- Jan 3, 2022
Advent of Cyber 2021 Day 3 - Web Exploitation
This challenge deals with content discover, auth bypass, dirbusting.
Donald Ashdown
- Jan 3, 2022
Advent of Cyber 2021 Day 2 - Web Exploitation
Working with cookie manipulation, encoding and formatting.
Donald Ashdown
- Jan 2, 2022
Advent of Cyber 2021 Day 1 - Web Exploitation
This task deals with IDOR vulnerabilities.
bottom of page