Cookie Consent by PrivacyPolicies.com
Home
Quantumly Confused
Cancel

Org-in-a-Box - Kerberos & NFS

Org-in-a-Box - Kerberos & NFS

Second post covering my personal project of an organization in a box. Based on the initial architecture this article goes over partially setting up the first two authentication servers in the project leveraging MIT Kerberos and NFSv4. These hosts will serve as the core base for the rest of the Org-in-a-Box project and a subsequent post will cover the LDAP and DBIS configuration on these hosts.

Org-in-a-Box - Architecture

Org-in-a-Box - Architecture

Initial post covering my personal project of an organization in a box. Using fundamental open source Identity and Access Management components of an organization in a self-contained box to explore and expand knowledge of those various components. This article will cover the overall architecture and help establish the high level plan moving forward.

NSEC 2020 - Dreamcast

NSEC 2020 - Dreamcast

Walkthrough of the two Dreamcast challenges from NorthSec 2020. Starting with a quick overview of the Dreamcast architecture then quickly pivoting into analyzing the provided roms follow along as I cover my approach and solution to the challenges.

NSEC 2020 - Crackme

NSEC 2020 - Crackme

Walkthrough of the 6 crackme challenges from NorthSec 2020. With increasing difficulty, and not necessarily with the reversing portion itself, I was able to finish all 6 for my team. Follow along as I step through my solutions and add some personal comments.

Qiskit Quantum Challenge 2020

Qiskit Quantum Challenge 2020

Overview and walkthrough of the IBM Qiskit 4th anniversary Quantum Challenge excercises and my solutions.

Hack the Box - Registry

Hack the Box - Registry

HTB Registry machine walkthrough. Working with insecure Docker credentials we manage to extract a SSH key and corresponding password crumbs for an initial user foothold. Following that access we find a sqlite file containing Bolt CMS admin credentials. Logging into the CMS we quickly modify the config file to allow a PHP shell of our choosing to access the host as www-data. Finally once we have www-data access we are able to abuse a restic sudo rule to expose the root flag.