Donald Ashdown
SANS KringleCon Objective 6 Terminal
Objective Challenge This is a super cool challenge where we have to talk to Chimney Scissorsticks in the netwars area for our Objective 6...
top of page
Cyber Blog​
Search
Donald Ashdown
- Jan 29, 2022
SANS KringleCon Objective 5
Objective Challenge This was a neat challenge that taught us about the rubber ducky USB device. The work flow for this challenge is to...
Donald Ashdown
- Jan 23, 2022
Hack the Box - Writer
SQL Injection, Hydra SSH BF, Post fix disclaimer, Cron - apt.confd
Donald Ashdown
- Jan 14, 2022
SANS KringleCon - Objective 5 Terminal
Objective Challenge In this challenge, we are tasked with a terminal challenge in order to receive hints for Objective 5. This challenge...
Donald Ashdown
- Jan 11, 2022
Hack the Box - Previse
Engagement flow Summary This was a really cool machine that started off with web enumeration, leading to a login bypass in which we had...
Donald Ashdown
- Jan 8, 2022
SANS KringleCon Objective 4
Objective Challenge In this challenge we are tasked with taking our total coin count above 1000 and this will result in Jack Frosts...
Donald Ashdown
- Jan 8, 2022
SANS KringleCon Terminal Objective 4
Objective Challenge In this challenge, we are tasked with solving a fun bit wise operator challenge, in order to receive the hint, and...
Donald Ashdown
- Jan 8, 2022
Sans KringleCon - Objective 3 - Terminal
Greasy GopherGuts needs our help with grepping through some nmap results and invites us to activate the terminal. 1. What port does...
Donald Ashdown
- Jan 8, 2022
SANS - KringleCon Objective 3
Objective Challenge This is really cool challenge that we never expected. I recall in previous KringleCon challenges we were also...
Donald Ashdown
- Jan 8, 2022
Sans KringleCon - Objective 2
Objective Challenge This challenge is pretty straight forwards and just invites us to look around the castle and get familiar with lay of...
Donald Ashdown
- Jan 8, 2022
SANS KringleCon Objective 2 Terminal
Objective Challenge We speak with Piney Sappington to kick things off as the pre-curser to objective 2. He goes on to explain that our...
Donald Ashdown
- Jan 8, 2022
Sans KringleCon - Intro Objective 1
Welcome to the SANS Kringlecon 2021 holiday hack challenge. We start off here in a little courtyard outside of KringleCon where we are...
Donald Ashdown
- Jan 3, 2022
Advent of Cyber 2021 Day 3 - Web Exploitation
This challenge deals with content discover, auth bypass, dirbusting.
Donald Ashdown
- Jan 3, 2022
Advent of Cyber 2021 Day 2 - Web Exploitation
Working with cookie manipulation, encoding and formatting.
Donald Ashdown
- Jan 2, 2022
Advent of Cyber 2021 Day 1 - Web Exploitation
This task deals with IDOR vulnerabilities.
Donald Ashdown
- Dec 11, 2021
Hack the Box - Seal
git review, ssl ssrf, rev proxy, sym link, ansible playbook,
Donald Ashdown
- Nov 28, 2021
Hack the Box - Intelligence
IDOR, cluster bomb, DNS Poisonings, MITM, Time synch
Donald Ashdown
- Nov 25, 2021
Hack the Box - Bounty Hunter
XXE injection with PHP was the main focus of this machine.
Donald Ashdown
- Nov 22, 2021
Hack the Box - Nunchucks
Subdomain enum, SSTI, app armor bypass (GTFO),
Donald Ashdown
- Nov 15, 2021
Hack the Box - Explore
SSH pass,
ADB ,
EsFileExplore,
SSH port forwarding,
Donald Ashdown
- Nov 6, 2021
Hack the Box Dynstr
Work flow Summary This was a rather difficult machine that involves command injection with bad character encoding for initial foothold,...
Donald Ashdown
- Oct 19, 2021
Hack the Box Querier
Summary This was an amazing machine that involved insecure file sharing services that provided credentials for an SQL server connection...
Donald Ashdown
- Oct 11, 2021
Hack the Box Validation
This was an amazing machine created by ippsec that required "second order" SQL injection. This provides the surface area to inject a webshel
Donald Ashdown
- Oct 4, 2021
Hack the box - Knife
An extremely easy box that really shows the range of difficulties which can be within the "easy" band of Hack the box difficulties
bottom of page