Today, I’d like to introduce a new series, where I talk about various topics. This series will be titled, “What the Hack?!”. In today’s WTH, we discuss installation, configuration, and monitoring with Security Onion. This is a basic installation talk that ends in seeing your traffic. In another discussion, we’ll […]
After a couple of weeks, I’ve been able to solve the Proxmox & Security Onion SPAN port mystery. The issue was, creating a virtual TAP, within Proxmox, in order to capture all traffic. Various places online said it worked, but all were missing vital pieces for implementation. After searching and […]
Often times I find myself tweaking my lab. 🙁 I spend countless, happy hours, monitoring and improving my footprint. Waste of time, nope, I enjoy it. The look my wife gives me when I pull the plug or shutdown service is priceless. What am I doing? More than not, I’m […]
I wanted to get this out really quickly. More pictures to follow. At this point in time, the server has been relocated to my wife’s office in an effort to keep the overall rack cool. I’d been reviewing and reviewing and reviewing this rack for 6+ months. I needed to […]
If you’re looking for Cisco’s port mirroring, you likely have some form of a managed switch. Currently, I use a managed switch that I have set up monitor sessions. I also have a firewall appliance for more stringent rules sets and firewalling. What I have not discussed here is, the […]
Tonight I attempted a boot2root creation. I’ve sourced the vulnerable software and am laying out my path. There is one huge problem though. For whatever reason, while watching TV, I fat-fingered the password for MariaDB/ SQL after the install on the initial config. I ran through a couple of password […]
Recently, I discovered that I was unable to find clear documentation on Proxmox VM Import of various types of virtual-machines into Proxmox. I’ve fiddled with many methods and have broken and reinstalled quite a number of times. I’ve now reached a point of content to actually grow my lab to […]
Vulnhub / Web / Curl / Cron Another fun machine. Here we utilize the Curl command to inject a shell. From there, you privesc off of a vulnerable application running from Cron. Using curl we can see our server allowed options. Look at the “Allow: PUT” option. This allows us […]
Reddit always keeps me entertained. Just when you think you’ve seen the most, a clever user always hits you with something new. I find this funny all day, every day. You have to of been in the labs at one point or another to appreciate this gold.
For today’s how-to, let’s talk about OpnSense. Plus, I need to get these ideas out. We will install a couple of IDS / IPS engines on OpnSense followed by enabling the rules. This is an easy to use guide to help you get up off the ground quickly. I found […]
It’s a shortcut for the command line, essentially. This works for me because I’d rather automate than type out the same command multiple times, just check out the “l” alias. Anyway, I’ve created quite a few shortcuts to minimize typing and get the same results. These are super-silly-easy to follow and […]
Vulnhub / Mercy / Webapp / SUID Cool system that uses a port knocking app to gain initial access. In this machine, Mercy, I learned a new tool along with a new spin on an old technique with Apache Tomcat. Overall I enjoyed this machine and what I was able […]