SSRFmap - Introducing the AXFR module

After reading a great blog post about a CTF challenge where you had to chain several SSRFs to get the flag, I took some time to improve SSRFmap, fix the bugs and merge the Pull Requests. Then I implemented a new module called axfr to trigger a DNS zone transfer from the SSRF using the gopher protocol. This blog post is about my journey implementing it.


Ph0wn CTF 2019 - Flag Digger

TLDR: It’s never too late to try to solve an old challenge. This blog post is a quick writeup of a challenge from the Ph0wn CTF 2019 where you were given a small chip and you had to extract the flag from it.


DVID - Damn Vulnerable IoT Device

Who ever wanted to learn about hardware hacking? I found this small open-source IoT hacking learning board while I was at a security event. It is designed by @vulcainreo and costs around 45€; more than 300 units were shipped around the world.

Let’s dig into this awesome project and clone the Git repository: https://github.com/Vulcainreo/DVID.git

https://raw.githubusercontent.com/Vulcainreo/DVID/master/kit-contents.jpg

Challenges’ Writeup


HIP19 Writeup - Meet Your Doctor 1,2,3

Last Wednesday I was at the Hack In Paris event for the 3rd time. As always there were some great conferences and challenges, and a new competition called “Hacker Jeopardy” which was very fun! During the Wargame I focused my time on Web challenges based on the GraphQL technology, which was new to me. You will find below my writeups for the Meet Your Doctor challenges.

HIP Wargame 2019


SIGSEGV1 Writeup - MD Auth

Let’s talk about the “MD Auth” challenge. I admit I started with this challenge thinking it would be about “Markdown”. I was wrong, but it was nonetheless interesting to solve.


An XSS Story

Last night I stumbled across an XSS in a bug bounty program; this was quite fun to exploit.


WHID Injector - Tips and Tricks

What is it? The WHID Injector is a USB key which acts as a remote keyboard. Basically it sets up a Wi-Fi access point where you can connect and send whatever you want to the machine. It also has a Rubber Ducky payload converter, an exfiltrated data tab and many more.

What can I do? Everything you could do with a keyboard plugged into a computer, for example: using WHID Toolkit you can spawn a reverse-shell :D

Where to buy a WHID Injector? I got mine from Aliexpress, it’s also available on eBay for around 15+ $ ;)


French Croissant - or why you need to lock your computer

Last year, on the first day of my internship, I was given a computer and asked to install and secure it over two days. After that delay, anyone could try to attack and compromise my machine, and if they succeeded I was welcome to buy some “French Croissants” for the team while the attacker explained his method for getting access to my computer the next morning. There are some techniques you need to be aware of when you’re securing your machine; the list below is not exhaustive.
