This time I thought we should take look at a new CVE and dig in to some of it’s inner workings. I will try to show how simple it is to exploit as soon as there are publicly known details. The question here is if it was more dangerous as a zero day or is it more dangereous now when there are free PoC:s for everybody to use? This is what I will be trying to do:…

The sun is shining outside. But there’s always a few hours to spend on what you really like. I have been competing hard at Hack The Box for a few years. Just after I made it to the magic count of 100 hacked boxes I also reached number one on the Swedish chart. I tried to keep that position for a while but came to the insight that I keept doing stuff that did not further enhance my knowledge, just keeping my position in a chart.…

This writeup describes how we approached the box Bagel from Hack The Box (https://www.hackthebox.eu). The box is based on Linux and it is ranked medium. Tools and techniques used in this hack are Nmap, Dirb, Firefox, Curl, C# .net and JSon. As i mentioned in previous writeup my style is to describe how I was thinking during the attack. My personal opinion is that I learn from analysing my process over and over again, and you learn more from understanding the process than just following a guide.…

Recon This year we competed in Ångström CTF. This was the first time we tried it and we liked it. The difficulty of the challenges ranges from very simple to extremly hard. This makes it easy to slide in to the competition and climb your way up against the harder challenges. This is how the CTF is described: Anyone can participate in ångstromCTF. However, due to various reasons, we can only give prizes to teams from the United States.…