A blog about cybersecurity by Cybix AB
IT-säkerhetskonferenser 2022
Efter två års uppehåll p.g.a. pandemi kickade konferenserna igång igen under 2022. En gång i tiden kunde de här konferenserna te sig lite som i bilden ovan. Eftersom jag upplever att en hel del har förändrats tänkte jag summera konferensåret 2022 och dela med mig lite av mina intryck och de trender som jag tycker mig se.
Innan jag beskriver mina intryck från dessa konferenser är det lämpligt att deklarera vad jag vill ha ut av en konferens.…
Read more ⟶
Writeup for the easy ranked HTB box Secret
This writeup describes how I approached the box Secret from Hack The Box (https://www.hackthebox.eu). The box is based on Linux and it is rated easy. Tools and techniques used in this hack are Nmap, Dirb, Ffuf, Firefox, Burpsuite, Curl, Javascript, Git, JSon and JWT.
My style of writeups is to describe how I was thinking when attacking them. My personal opinion is that I learn from analysing my process over and over again, and you learn more from understanding the process than just following a guide.…
Read more ⟶
Writeup for Hack The Boo CTF 2022 challenge Spooky Times
Hack The Box arranged Hack The Boo CTF between 22 Oct, 13:00, 2022 and 27 Oct, 13:00. It is a five day event with a one person per team limit. The event is beginner level friendly. Every day five new events are released in the categories web, crypto, pwn, forensics and reverse engineering. Since it’s a beginner friendly event it makes it fun to play even if let’s say crypto and rev is not your thing.…
Read more ⟶
Writeup for the easy ranked HTB box Driver
Finally! The box with the print-nightmare vulnerability came on HackTheBox. Nowadays there are security patches available for this but in the beginning, it was a zero-day and also a POC available for the public. I’m going to showcase two possible ways, first a Remote Code Exection done via my local machine CVE-2021-1675 (RCE) and then a Local Privledge Escalation CVE-2021-1675 (LPE) done after getting the exploit to the box.
Let’s GO!…
Read more ⟶