Donald Ashdown
Hack the Box - Driver
SCP File injection, MITM - Responder, NTLM, evil-winrm, printer nightmare.
top of page
Cyber Blog​
Search
Donald Ashdown
- Feb 21, 2022
Hack the Box - Horizontall
Linux, CMS Exploit, Strapi, Laravel, Outdated Software, CVE, Injection, RCE, Account Misconfiguration, Port forwarding (ssh),
Donald Ashdown
- Feb 9, 2022
SANS KringleCon Challenge 7
Printer nightmare exploitation by hand!
Donald Ashdown
- Feb 5, 2022
SANS KringleCon Objective 6
All about assembly language!
Donald Ashdown
- Feb 5, 2022
Hack the Box Celestial
De-serialization vulnerability, and eval statement abuse.
Donald Ashdown
- Jan 29, 2022
SANS KringleCon Objective 6 Terminal
Objective Challenge This is a super cool challenge where we have to talk to Chimney Scissorsticks in the netwars area for our Objective 6...
Donald Ashdown
- Jan 29, 2022
SANS KringleCon Objective 5
Objective Challenge This was a neat challenge that taught us about the rubber ducky USB device. The work flow for this challenge is to...
Donald Ashdown
- Jan 23, 2022
Hack the Box - Writer
SQL Injection, Hydra SSH BF, Post fix disclaimer, Cron - apt.confd
Donald Ashdown
- Jan 14, 2022
SANS KringleCon - Objective 5 Terminal
Objective Challenge In this challenge, we are tasked with a terminal challenge in order to receive hints for Objective 5. This challenge...
Donald Ashdown
- Jan 11, 2022
Hack the Box - Previse
Engagement flow Summary This was a really cool machine that started off with web enumeration, leading to a login bypass in which we had...
Donald Ashdown
- Jan 8, 2022
SANS KringleCon Objective 4
Objective Challenge In this challenge we are tasked with taking our total coin count above 1000 and this will result in Jack Frosts...
Donald Ashdown
- Jan 8, 2022
SANS KringleCon Terminal Objective 4
Objective Challenge In this challenge, we are tasked with solving a fun bit wise operator challenge, in order to receive the hint, and...
Donald Ashdown
- Jan 8, 2022
Sans KringleCon - Objective 3 - Terminal
Greasy GopherGuts needs our help with grepping through some nmap results and invites us to activate the terminal. 1. What port does...
Donald Ashdown
- Jan 8, 2022
SANS - KringleCon Objective 3
Objective Challenge This is really cool challenge that we never expected. I recall in previous KringleCon challenges we were also...
Donald Ashdown
- Jan 8, 2022
Sans KringleCon - Objective 2
Objective Challenge This challenge is pretty straight forwards and just invites us to look around the castle and get familiar with lay of...
Donald Ashdown
- Jan 8, 2022
SANS KringleCon Objective 2 Terminal
Objective Challenge We speak with Piney Sappington to kick things off as the pre-curser to objective 2. He goes on to explain that our...
Donald Ashdown
- Jan 8, 2022
Sans KringleCon - Intro Objective 1
Welcome to the SANS Kringlecon 2021 holiday hack challenge. We start off here in a little courtyard outside of KringleCon where we are...
Donald Ashdown
- Jan 3, 2022
Advent of Cyber 2021 Day 3 - Web Exploitation
This challenge deals with content discover, auth bypass, dirbusting.
Donald Ashdown
- Jan 3, 2022
Advent of Cyber 2021 Day 2 - Web Exploitation
Working with cookie manipulation, encoding and formatting.
Donald Ashdown
- Jan 2, 2022
Advent of Cyber 2021 Day 1 - Web Exploitation
This task deals with IDOR vulnerabilities.
Donald Ashdown
- Dec 11, 2021
Hack the Box - Seal
git review, ssl ssrf, rev proxy, sym link, ansible playbook,
Donald Ashdown
- Nov 28, 2021
Hack the Box - Intelligence
IDOR, cluster bomb, DNS Poisonings, MITM, Time synch
Donald Ashdown
- Nov 25, 2021
Hack the Box - Bounty Hunter
XXE injection with PHP was the main focus of this machine.
Donald Ashdown
- Nov 22, 2021
Hack the Box - Nunchucks
Subdomain enum, SSTI, app armor bypass (GTFO),
bottom of page