Microblog

January 24, 2022 | 16:49

Raspberry Pi OS 64bit Installation

December 29, 2021 | 14:15

Installing sasquatch on Kali Linux

December 28, 2021 | 21:25

Updating Feeds for Nextcloud News app on rootless Docker

Blog

September 15, 2023 | 21:27

Distribute IP Routes with Unifi Controller

Recently, I couldn’t access a machine within another VLAN anymore, because Docker on that machine used a subnet within the 192.168.x.x range for an internal network, that led to packets not finding the way back to me. Docker apparently uses the following ranges by default: 172.[17-31].0.0/16 192.168.[0-240].0/20 The routes on the machine were as follows. Unifi provides my machines with a default gateway, e.g. 192.168.20.1 and the route for the local subnet 192. Read more

November 13, 2022 | 22:46

INE Lab - Linux Lateral Movement

The scenario is described as follows: In this lab environment, the user will access a Kali GUI instance. A vulnerable application can be accessed using the tools installed on Kali at http://demo.ine.local Objective: Exploit both the target and find all flags! Dictionaries to use: /usr/share/metasploit-framework/data/wordlists/common_users.txt /usr/share/metasploit-framework/data/wordlists/unix_passwords.txt Read more

May 21, 2022 | 15:16

Playing with TP-Link TL-WR841N

At the time of writing, three firmware versions were available for the hw v14 on the official support page: TL-WR841N(EU)_V14_200903 (200903) released on 2020-11-27 TL-WR841N(EU)_V14_180319 (180319) released on 2018-04-03 TL-WR841N(EU)_V14_171208 (171208) released on 2018-04-01 None of these versions prevents downgrades, so any transition between these are possible. When downgrading, it’s best to restore to factory defaults beforehand because of some incompatibilities (for example: the password get’s cut because of length limitations in one of the earlier versions). Read more

May 7, 2022 | 13:10

INE Lab - Linux Local Enumeration

The scenario is described as follows: The user will access a ubuntu instance as a student user. We will assume that we have compromised a machine and gained regular user access (student). We need to conduct local enumeration and obtain root access to the machine. Objective: Find the SUID executables and vulnerable services to gain the root privileges. Read more

© Pavel Pi 2024

Powered by Hugo & Kiss'Em.