A blog about cybersecurity by Cybix AB
Using an old MacBook Pro for pentesting
The MacBook Pro is and has always been a high-quality computer. They tend to last long and I usually keep mine for at least 3 years, but many times as long as 5 to 6 years before it’s necessary to upgrade my everyday workhorse.
What happens then, more often than not, is that the old MacBook Pro becomes a computer dedicated to hacking and pentesting. Everyone has different setups that they like, but in this case I like to go with the mainstream and install a bare metal installation of Kali Linux.…
Writeup for the easy ranked HTB box Knife
“An early release of PHP, the PHP 8.1.0-dev version was released with a backdoor on March 28th 2021, but the backdoor was quickly discovered and removed. If this version of PHP runs on a server, an attacker can execute arbitrary code by sending the User-Agentt header. The following exploit uses the backdoor to provide a pseudo shell on the host.”
This box was previously retired from the Hack The Box active session and, in my opinion, is a good “starting-box” if you are new to hacking.…
Writeup for the insane ranked HTB box Attended
This writeup describes how I approached the box Attended from Hack The Box (https://www.hackthebox.eu). The box is based on OpenBSD and it is rated insane. This box includes vulnerabilities that are known and documented (CVE-2019-12735) as well as a lot of custom exploitation. Tools and techniques used in this hack are Nmap, DIRB, curl, Swaks, Python, OpenSSH, GDB, Radare2, Ghidra, Ropper.
My style of writeups is to describe how I was thinking when attacking them.…
init()
Welcome to Orange Whispers or 0range Wh1spers if you are so inclined. Or if you are a Swedish-speaking person: Välkommen till Orange Whispers. This blog will contain posts written in both Swedish and English. Since this is the very first post, we start off in English to explain the what, why and who. After reading through this you will hopefully get an idea of what to expect from this blog further on.…