top of page
Cyber Blog​
Search
BlueDolphin
Jan 29, 2022
SANS KringleCon Objective 6 Terminal
Objective Challenge This is a super cool challenge where we have to talk to Chimney Scissorsticks in the netwars area for our Objective 6...
BlueDolphin
Jan 29, 2022
SANS KringleCon Objective 5
Objective Challenge This was a neat challenge that taught us about the rubber ducky USB device. The work flow for this challenge is to...
BlueDolphin
Jan 23, 2022
Hack the Box - Writer
SQL Injection, Hydra SSH BF, Post fix disclaimer, Cron - apt.confd
BlueDolphin
Jan 14, 2022
SANS KringleCon - Objective 5 Terminal
Objective Challenge In this challenge, we are tasked with a terminal challenge in order to receive hints for Objective 5. This challenge...
BlueDolphin
Jan 11, 2022
Hack the Box - Previse
Engagement flow Summary This was a really cool machine that started off with web enumeration, leading to a login bypass in which we had...
BlueDolphin
Jan 8, 2022
SANS KringleCon Objective 4
Objective Challenge In this challenge we are tasked with taking our total coin count above 1000 and this will result in Jack Frosts...
BlueDolphin
Jan 8, 2022
SANS KringleCon Terminal Objective 4
Objective Challenge In this challenge, we are tasked with solving a fun bit wise operator challenge, in order to receive the hint, and...
BlueDolphin
Jan 8, 2022
Sans KringleCon - Objective 3 - Terminal
Greasy GopherGuts needs our help with grepping through some nmap results and invites us to activate the terminal. 1. What port does...
BlueDolphin
Jan 8, 2022
SANS - KringleCon Objective 3
Objective Challenge This is really cool challenge that we never expected. I recall in previous KringleCon challenges we were also...
BlueDolphin
Jan 8, 2022
Sans KringleCon - Objective 2
Objective Challenge This challenge is pretty straight forwards and just invites us to look around the castle and get familiar with lay of...
BlueDolphin
Jan 8, 2022
SANS KringleCon Objective 2 Terminal
Objective Challenge We speak with Piney Sappington to kick things off as the pre-curser to objective 2. He goes on to explain that our...
BlueDolphin
Jan 8, 2022
Sans KringleCon - Intro Objective 1
Welcome to the SANS Kringlecon 2021 holiday hack challenge. We start off here in a little courtyard outside of KringleCon where we are...
BlueDolphin
Jan 3, 2022
Advent of Cyber 2021 Day 3 - Web Exploitation
This challenge deals with content discover, auth bypass, dirbusting.
BlueDolphin
Jan 3, 2022
Advent of Cyber 2021 Day 2 - Web Exploitation
Working with cookie manipulation, encoding and formatting.
BlueDolphin
Jan 2, 2022
Advent of Cyber 2021 Day 1 - Web Exploitation
This task deals with IDOR vulnerabilities.
BlueDolphin
Dec 11, 2021
Hack the Box - Seal
git review, ssl ssrf, rev proxy, sym link, ansible playbook,
BlueDolphin
Nov 28, 2021
Hack the Box - Intelligence
IDOR, cluster bomb, DNS Poisonings, MITM, Time synch
BlueDolphin
Nov 25, 2021
Hack the Box - Bounty Hunter
XXE injection with PHP was the main focus of this machine.
BlueDolphin
Nov 22, 2021
Hack the Box - Nunchucks
Subdomain enum, SSTI, app armor bypass (GTFO),
BlueDolphin
Nov 15, 2021
Hack the Box - Explore
SSH pass,
ADB ,
EsFileExplore,
SSH port forwarding,
BlueDolphin
Nov 6, 2021
Hack the Box Dynstr
Work flow Summary This was a rather difficult machine that involves command injection with bad character encoding for initial foothold,...
BlueDolphin
Oct 19, 2021
Hack the Box Querier
Summary This was an amazing machine that involved insecure file sharing services that provided credentials for an SQL server connection...
BlueDolphin
Oct 11, 2021
Hack the Box Validation
This was an amazing machine created by ippsec that required "second order" SQL injection. This provides the surface area to inject a webshel
BlueDolphin
Oct 4, 2021
Hack the box - Knife
An extremely easy box that really shows the range of difficulties which can be within the "easy" band of Hack the box difficulties
bottom of page