Can you trace an IP Address to a hacker?
This is a very open-ended question with a lot of variables that come into play. Depending upon how skilled the hacker is, determines how and if the hacker can mask or hide their true identity. It's also very critical to know exactly when the hacker...
https://www.youtube.com/watch?v=R6khqRpVHes
"We are Anonymous. We are Legion. We do not forgive. We do not forget. Expect us."
Hector Monsegur "Sabu" talks about hacking Tunisia and how they shut down an entire country's Internet.
As a hacktivist group, Anonymous went after Tunisia because they were doing suspicious things to...
Attempted Hack
I was recently looking through some docker logs for a web server container and I saw some suspicious commands being passed to the web server. It was very obvious with a quick glance that it was a hacker trying to compromise the web server. Out of curiosity, I decided to reverse engineer...
Samy Kamar a security researcher has developed an IoT device that runs a python script called PoisonTap. This is a great article worth reading. It's affordable and can siphon cookies, expose internal routers and install backdoors.
Parrot OS 4.7 Full-Screen Issue
This is a quick easy fix. By default, it appears that Parrot OS 4.7 virtual appliance (.ova) doesn't come with VirtualBox Guest Additions installed. Once you have booted up Parrot OS run this command to install the VirtualBox Guest Utilities. Once this is installed, you may reboot and everything...
Post Exploitation Recon
I frequently experience dead-ends on the more difficult CTF boxes. I've found that once acquiring a reverse shell I need to do some extensive internal recon. Sometimes the service that will be vulnerable is hidden and you must find it. Here are some ideas...
CTF: PwnLab Init Walkthrough
https://www.vulnhub.com/entry/pwnlab-init,158/
In this walkthrough, I'll be using Parrot OS. I'll break each vulnerability down and explain it. The video won't demonstrate all of the techniques that could have been applied. I will also list the techniques I've learned from others.
Exploits / Techniques
SSH Tunneling
When you need to access a server/client behind a firewall that doesn't allow port forwarding you can use SSH tunneling to bypass that if an SSH server is running. Pivoting is a sneaky technique that hackers use to access computers, servers, and services behind firewalls. These examples will use OpenSSH. I think...
Parrot OS Configuration
This is how I set up my Parrot OS after installation. There's a few things I believe are missing that should be installed or done. I like to keep things as real as possible so this will be a hackers set up.
UFW VPN Kill Switch
Get the version of Parrot OS
There are several ways to identify the version of Parrot OS.
The easiest way to get the version of Parrot OS is to use a Linux command
(Terminal)
Another way to access the version...
