THM - Alfred

Intro Without further ado, let’s get started and see what this box is made of! Target THM - Alfred Recon From the box logo and description we can discover that : Target runs Windows ; Target runs Jenkins. Let’s go! Enum Let’s start a basic nmap scan : sudo nmap -T4 -A -p- -oA nmap $target_ip Unfortunately, nmap will complain that Note: Host seems down. If it is really up, but blocking our ping probes, try -Pn.

HTB - OpenAdmin without MetaSploit

Intro The importance to also patch your “applications”, and not just your services. Target HTB - OpenAdmin Recon Again, this is an HTB box, so recon is mainly active, and I feel like active recon == enum. Still, we can check : Name of the box : OpenAdmin ; OS “type”, : Linux : Hints given on HTB website, information section : Enum As always, we start with an nmap scan :

HTB - Blue without MetaSploit

Intro A good ol' vuln to get starting! This will be my first real tutorial, so I’ll try to explain the basics of what I am doing. Please bear in mind that I am very new to hacking, probably like you are. I am merely sharing my knowledge and by doing so I am making sure I understood what I did. Please correct me if you find anything wrong, or ask question if you need to!

Starting my hacking journey, hopefully!

It’s been a while since I wrote here, hopefully I will be able to write more often and hopefully too I will be able to finally get into hacking properly. Bosom buddies I have been interested by InfoSec for many years. It mostly started a bit more than 10 years ago when I was reading a lot about pentesting : Kali was called BackTrack then, I played a lot with it and MetaSploit.

Hello FastMail, Goodbye ProtonMail

After a bit more than a year using ProtonMail, I couldn’t bear it anymore… I was really pissed by its lack of “usability”. Even though I had almost 1 year left, I made the switch to FastMail, and I couldn’t have been happier. Let me explain. ProtonMail isn’t bad… However, there is a few issues, that overtime really grew over me. First and foremost, the non standard protocols! ProtonMail doesn’t use IMAP(s)/SMTP(s).

Manage VMware snapshots with PowerCLI

Manually taking a snapshot under VMware is easy : connect to the HTML5 Web UI, find the server from the list, right click, select Snapshot, Name it… However, when you have to do it several times in a row, it becomes really frustrating. Let’s see how to improve that. Here comes PowerCLI VMware released an awesome (and I am Linux guy) tool to manage your virtual machines from the command line.

Install GLPI on Ubuntu 18.04 with MariaDB and NGinX

GLPI is an asset management software. It can handle automatic inventory of your assets (workstations, servers, printers, etc.) ticketing, and much more. Let’s see how to install it under Ubuntu with MariaDB and NGinX. Prepare your system Simply install the requirements : sudo apt install nginx php7.0-fpm mariadb-server php7.0-curl php7.0-gd php7.0-mysql php7.0-cli php7.0-imap php7.0-ldap php7.0-apcu php7.0-xmlrpc php7.0-mbstring php7.0-xml php7.0-xmlrpc Create the self signed certificates : cd /etc/ssl/certs sudo openssl req -x509 -newkey rsa:4096 -keyout private/gpli.

Automagically deploy apps with GPO and Boxstarter

A few days ago, I talked about Ninite, which is an awesome tool to deploy several Windows apps easily. However, if you want to use it on a Windows domain (likely in your company), you’ll have to get the Pro (and paid version). Hopefully, with BoxStarter, you can do it for free. Let me show you how I do it. Let’s do some scripting! In my case, I want all my users to have the same “base apps” installed on their systems.

All your devices are belong to Ubiquity

I love tech and I love to try new tech stuff. Recently, I have been playing with some network gear from Ubiquiti. For a reasonable price, you’ll get enterprise grade gear. Is it really that good? Let’s check my non-unboxing review. A bit of background I am a frequent reader of Mr Troy Hunt and when I read his article a few years ago about the Unifi suite that made want to try it again, a little.

Install Windows programs like a boss with Ninite

Do you remember how you used to install programs under Windows several years ago? Next, next, next… Are you still doing it the exact same way today? If that’s so, I may have something of interest for you, keep reading ! Windows' programs' installation is so painful I don’t know about you, but I am quite pissed off with the way “software” works on Windows. Let’s say you want to install VLC to watch movies, then you have to fire up your web browser, go to VLC website (probably via a search engine), find the correct version (32 or 64 bits), download the product, and install it.