Will's Security Blog

August 26, 2017December 24, 2020

Installing Gallium OS + Pen-Testing tools on Stock Chromebook

A while back I picked up an Acer Chromebook 14 as an inexpensive laptop I could use around the house or lug along on trips without being overly paranoid I’d break it, lose it, or have it stolen. I did initially look into installing Linux on it after having it a few months but firmware support was very sketchy with newer Braswell Chromebooks at the time so I put it on the back burner for a while. I did toy around with using Crouton but performance was frustratingly bad and didn’t seem worth the bother to me. Continue reading “Installing Gallium OS + Pen-Testing tools on Stock Chromebook”

August 23, 2017December 24, 2020

FristiLeaks: 1.3 VulnHub Writeup

Source: https://www.vulnhub.com/entry/fristileaks-13,133/

After the grueling beast that was The Necromancer I decided I needed to take a break with something hopefully a little bit easier and not as lengthy. This VM has been described as being closer to the beginner side so let’s spin it up and find out.
Continue reading “FristiLeaks: 1.3 VulnHub Writeup”

August 20, 2017December 24, 2020

Using pfSense’s ACME Package to Generate Let’s Encrypt Certs (ver 2.3.4-RELEASE-p1)

Important note before proceeding: Let’s Encrypt certificates are non-self-signed certificates and completely free, but do require that you own and be able to verify a domain name.

Similar to other pfSense packages start the installation by simply going to:

System: Package Manager: Available Packages

From there locate the “ACME” package and select install. Once installed then go to:

Services: ACME Certificates

Continue reading “Using pfSense’s ACME Package to Generate Let’s Encrypt Certs (ver 2.3.4-RELEASE-p1)”

August 18, 2017December 24, 2020

5 Year Plan & Information Security Career Goals

This recent talk by John Strand got me thinking a lot about how I can more strategically put together a plan toward my own career goals. I’m a SOC analyst now but would ultimately like to gain a good base of experience and skills required to either move on to more advanced blue team roles or become a pen-tester. Even though some of the advice given in the talk is more focused on those that are completely new to security or are recent graduates the advice is still very pertinent to those of us already in the field.

Continue reading “5 Year Plan & Information Security Career Goals”

August 17, 2017December 24, 2020

Better Directory and File Brute-forcing with BurpSmartBuster

Github: https://github.com/pathetiq/BurpSmartBuster/
DerbyCon Talk: https://www.youtube.com/watch?v=RFxUfoVgMrw

After watching the DerbyCon presentation by Patrick Mathieu I’ve been experimenting with replacing or at least supplementing Dirbuster with this new tool. It offers a lot of potential benefits: Continue reading “Better Directory and File Brute-forcing with BurpSmartBuster”

August 16, 2017December 24, 2020

Obfuscating PowerShell Commands using Invoke-Obfuscation

Source: https://github.com/danielbohannon/Invoke-Obfuscation

Thanks to one of Dave Kennedy’s talks for making me aware of this tool for obfuscating PowerShell code. As PowerShell is used more and more in attacks the higher the likelihood there is for defenders to attempt to detect malicious commands or look for specific strings. To evade these detection techniques we can try to encode our commands to make them much harder to detect.

I’ll use the previous Bash Bunny Payload as an example with this tool.

Continue reading “Obfuscating PowerShell Commands using Invoke-Obfuscation”

August 16, 2017December 24, 2020

Bash Bunny – Get Cleartext WiFi Creds From Windows Using WiPassDump

This will be a quick demo on how easy it is to capture stored WiFi credentials on Windows using the Bash Bunny and WiPassDump payload.

Continue reading “Bash Bunny – Get Cleartext WiFi Creds From Windows Using WiPassDump”

August 15, 2017December 24, 2020

The Necromancer: 1 – VulnHub Writeup

Source: https://www.vulnhub.com/entry/the-necromancer-1,154/

Starting off with a quick netdiscover to figure out what IP we’re dealing with:

Continue reading “The Necromancer: 1 – VulnHub Writeup”

August 9, 2017December 24, 2020

Mr. Robot:1 – Vulnhub Writeup

Source: https://www.vulnhub.com/entry/mr-robot-1,151/

After spinning up the VM I’m met with this logon prompt:

I then run “netdiscover -r 192.168.111.0/24” to find the IP assigned by the host adapter via DHCP:

Continue reading “Mr. Robot:1 – Vulnhub Writeup”

August 7, 2017December 24, 2020

Bash Bunny!

While at Defcon last week I picked up a Bash Bunny from the Hak5 booth. I managed to run into both Darren + Shannon also this year and it was cool finally meeting them both in person!
Continue reading “Bash Bunny!”