Weekly Cybersecurity Wrap-up 4/8/24

Every week I publish interesting articles and ways to improve your understanding of cybersecurity.

Projects

  • TryHackMe – What is Shell? – In Progress

Videos

Articles

Podcasts

Weekly Cybersecurity Wrap-up 4/1/24

Every week I publish interesting articles and ways to improve your understanding of cybersecurity.

Projects

Videos

Articles

TryHackMe | Active Directory Basics

This post is a write-up of the TryHackMe room “Active Directory Basics”. It is rated as an easy room and should take around 30 minutes.

Task 1: Introduction

Q1: Click and continue learning!

A1: No answer needed.

Task 2: Windows Domains

Q1: In a Windows domain, credentials are stored in a centralised repository called…

Come on man, it's the name of the room. We can handle harder questions. This answer is in the 3rd paragraph of the task text.

A1: active directory

Q2: The server in charge of running the Active Directory services is called…

The answer is in the same paragraph as the last answer.

A2: domain controller


Updating Linux

Okay, you’re a pro now. You’ve installed multiple Linux VMs using VirtualBox or some similar tool. But now you need to remember to update them. This is important because, like any other operating system, Linux does have vulnerabilities.

And those two articles are just from one source and just this week. Okay, so how do you update? Use the commands below:

sudo apt update        # Fetches the list of available updates
sudo apt upgrade       # Installs some updates; does not remove packages
sudo apt full-upgrade  # Installs updates; may also remove some packages, if needed
sudo apt autoremove    # Removes any old packages that are no longer needed

Weekly Cybersecurity Wrap-up 3/25/24

Every week I publish interesting articles and ways to improve your understanding of cybersecurity.

Project

TryHackMe – Upload Vulnerabilities

Webinar

Articles

Podcasts

TryHackMe – Upload Vulnerabilities

The following write up is posted here to show how I worked through this on the TryHackMe platform to learn how to gain access to a webserver.

Task 1 – Getting Started

Start the VM and make the changes to your hosts file outlined in task 1.

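cd /etc          # absolute path, so this works from any starting directory
sudo nano hosts  # the hosts file is root-owned, so edit it with sudo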

Copy and paste the information from task 1.

Press Ctrl-X to exit nano; when prompted, hit Y to save, then Return to save the file as hosts.

Q1: No Answer Needed.

A1: No Answer Needed.


Weekly Cybersecurity Wrap-up 3/18/24

Every week I publish interesting articles and ways to improve your understanding of cybersecurity.

Projects

Videos

Articles

Podcasts

Weekly Cybersecurity Wrap-up 3/11/24

Every week I publish interesting articles and ways to improve your understanding of cybersecurity.

Projects

Videos

Articles

Podcasts

Smashing Security – 363: Stuck streaming sticks, TikTok conspiracies, and spying cars

TryHackMe – Hashing – Crypto 101

This is just Tasks 5 & 6, because those were the fun ones for me. I did this on my own Kali VM, so the steps may be different if you use the TryHackMe AttackBox.

Task 5: Password Cracking

First step for me was to look up the wordlist and I’m glad I did, because rockyou was zipped.

I used the following to unzip the file in: /usr/share/wordlists/

sudo gzip -d rockyou.txt.gz

Now that that is done, we will proceed with the question at hand:

Q1: Crack this hash: $2a$06$7yoU3Ng8dHTXphAg913cyO6Bjs3K5lBnwq5FJyA6d01pMSrddr1ZG

Let’s put this in a file:

echo '$2a$06$7yoU3Ng8dHTXphAg913cyO6Bjs3K5lBnwq5FJyA6d01pMSrddr1ZG'> hash.txt

Look at the $2a$ prefix. This means the hash type is bcrypt. Notice we added echo ' to the front of the string and '> to the end of the string; the single quotes stop the shell from expanding the $ characters in the hash. Next, run this command:

john hash.txt --format=bcrypt --wordlist=/usr/share/wordlists/rockyou.txt

A1: 85208520

This is fun, let’s do another…

Q2: Crack this hash: 9eb7ee7f551d2f0ac684981bd1f1e2fa4a37590199636753efe614d4db30e8e1

Again we put it in a file:

echo '9eb7ee7f551d2f0ac684981bd1f1e2fa4a37590199636753efe614d4db30e8e1'> hash256.txt

This is SHA-256, so we need to change the format in our command when we run John the Ripper on it.

john hash256.txt --format=raw-sha256 --wordlist=/usr/share/wordlists/rockyou.txt

Our results look like this:

A2: halloween

Q3: Crack this hash: $6$GQXVvW4EuM$ehD6jWiMsfNorxy5SINsgdlxmAEl3.yif0/c3NqzGLa0P.S7KRDYjycw5bnYkF5ZtB8wQy8KnskuWQS3Yr1wQ0

This one is sha512crypt so we will change our format in the following command, but first we create our file:

echo '$6$GQXVvW4EuM$ehD6jWiMsfNorxy5SINsgdlxmAEl3.yif0/c3NqzGLa0P.S7KRDYjycw5bnYkF5ZtB8wQy8KnskuWQS3Yr1wQ0'> hash512crypt.txt

john hash512crypt.txt --format=sha512crypt --wordlist=/usr/share/wordlists/rockyou.txt

A3: spaceman

Q4: Bored of this yet? Crack this hash: b6b0d451bbf6fed658659a9e7e5598fe

This is MD5, but using rockyou won’t work. The hint says use the internet. So, using https://hashes.com/en/decrypt/hash, we find:

A4: funforyou
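
As an added example (not part of the original write-up or of John the Ripper itself), this POSIX shell snippet spells out the prefix-and-length reasoning used in Task 5 to choose a --format value, and goes slightly further by reading the bcrypt cost factor. The function names are hypothetical, and the four sample hashes are the ones quoted in Q1 to Q4 above.

```shell
#!/bin/sh
# Added example: guess a John the Ripper --format name from a hash string.

# is_hex STRING LEN -> succeeds if STRING is exactly LEN hex characters
is_hex() {
    [ "${#1}" -eq "$2" ] || return 1
    case "$1" in
        *[!0-9a-fA-F]*) return 1 ;;
    esac
    return 0
}

# john_format HASH -> prints a --format value; returns 1 if unrecognised
john_format() {
    case "$1" in
        '$2a$'*|'$2b$'*|'$2y$'*) echo bcrypt ;;
        '$6$'*)                  echo sha512crypt ;;
        *)
            # Bare hex has no prefix, so length is only a hint:
            # other algorithms share these output sizes.
            if is_hex "$1" 64; then echo raw-sha256
            elif is_hex "$1" 32; then echo raw-md5
            else return 1
            fi ;;
    esac
}

# bcrypt_cost HASH -> prints the cost factor (work is 2^cost iterations)
bcrypt_cost() {
    case "$1" in
        '$2'[aby]'$'[0-9][0-9]'$'*) ;;
        *) return 1 ;;
    esac
    rest=${1#'$2'?'$'}   # drop the "$2a$" style prefix
    cost=${rest%%'$'*}   # keep the digits before the next "$"
    echo "${cost#0}"     # "06" -> "6"
}

# The four hashes quoted in the write-up (Q1-Q4)
for h in \
    '$2a$06$7yoU3Ng8dHTXphAg913cyO6Bjs3K5lBnwq5FJyA6d01pMSrddr1ZG' \
    '9eb7ee7f551d2f0ac684981bd1f1e2fa4a37590199636753efe614d4db30e8e1' \
    '$6$GQXVvW4EuM$ehD6jWiMsfNorxy5SINsgdlxmAEl3.yif0/c3NqzGLa0P.S7KRDYjycw5bnYkF5ZtB8wQy8KnskuWQS3Yr1wQ0' \
    'b6b0d451bbf6fed658659a9e7e5598fe'
do
    printf '%-12s %s\n' "$(john_format "$h" || echo unknown)" "$h"
done
```

The bcrypt hash from Q1 reports a cost of 6, which is low and is one reason a wordlist run against it finishes quickly.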

Task 6: Hashing for integrity checking

Q1: What’s the SHA1 sum for the amd64 Kali 2019.4 ISO? http://old.kali.org/kali-images/kali-2019.4/

Download and open the first file. The answer is on the first line:

A1: 186c5227e24ceb60deb711f1bdc34ad9f4718ff9

Q2: What’s the hashcat mode number for HMAC-SHA512 (key = $pass)?

Go to the website in the hint: https://hashcat.net/wiki/doku.php?id=example_hashes Do a find on “HMAC-SHA512” and you should find the answer:

A2: 1750

Weekly Cybersecurity Wrap-up 3/4/24

Projects

  • TryHackMe (Top 3% of users!) – OWASP Juice Shop – Complete
  • TryHackMe – Hashing – Crypto 101 – In Progress

Webinar

  • The Rising Cyber Risks Of Social Engineering & Personal Devices – Michela Menting, Jennifer Varner and Nasrin Rezai – A steady rise in social engineering attacks highlights the risks associated with the human element, with employees inadvertently providing entry points into enterprise networks through acts as simple as providing personal information gained from a LinkedIn account to an urgent text message that leads to a click on malware. These risks can be heightened even further when employees use their personal devices, which can lack the proper security software required to thwart potential attacks.

Articles

Podcasts

  • Cyberwire – Ep 2020 | 3.8.24 – From breach to battle: The escalating threat of Midnight Blizzard.