FristiLeaks1.3 – CTF Walkthrough – Boot-To-Root

FristiLeaks 1.3 Walkthrough FristiLeaks 1.3 is an easy/intermediate box that is designed to be attacked as a CTF rather than as a traditional penetration test. The challenges focus mainly on enumeration, reverse engineering and privilege escalation. FristiLeaks 1.3 link: https://www.vulnhub.com/entry/fristileaks-13,133/ Scanning We will get started by port scanning the target VM; our objective […]

SUDO Security Bypass Vulnerability – CVE-2019-14287

Vulnerability Details: Release date: 14th October 2019 CVE ID: CVE-2019-14287 Affected Versions: sudo versions prior to 1.8.28 (fixed in 1.8.28) https://www.sudo.ws/alerts/minus_1_uid.html Brief description of vulnerability A security policy bypass vulnerability that allows a user on a Linux system to execute commands as root, even though the user's entry in the sudoers file explicitly prevents these commands from being run as […]
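The first thing a practitioner wants from this advisory is a quick way to tell whether a given host is in the affected range. The script below is an added example, not code from the original post: it parses the banner printed by `sudo --version` and compares it against 1.8.28, the release that carries the fix (per the sudo.ws advisory linked above). The banner strings in `__main__` are constructed test input, and the sudoers rule and trigger command shown in the comments are the pattern described in that advisory, not something taken from this post's (truncated) text.

```python
"""Check whether a sudo version falls in the range affected by CVE-2019-14287.

Added example (not from the original post). The bug affects every sudo
release before 1.8.28. It is reachable only when a sudoers entry lets the
user run a command as any user except root, e.g.
    alice ALL=(ALL, !root) /usr/bin/vi
in which case (per the sudo.ws advisory) `sudo -u#-1 /usr/bin/vi` or
`sudo -u#4294967295 /usr/bin/vi` runs the command as uid 0.
"""
import re
import subprocess

FIXED_IN = (1, 8, 28)  # first release containing the fix


def parse_sudo_version(banner: str) -> tuple:
    """Extract (major, minor, patch) from text such as 'Sudo version 1.8.27p1'.

    The trailing 'pN' patch-level suffix is deliberately ignored: it marks a
    sub-release of the same base version, and the fix is keyed to 1.8.28.
    """
    m = re.search(r"Sudo version (\d+)\.(\d+)\.(\d+)", banner)
    if not m:
        raise ValueError("no 'Sudo version x.y.z' line found in banner")
    return tuple(int(x) for x in m.groups())


def is_affected(version) -> bool:
    """True for every sudo version strictly older than 1.8.28."""
    return tuple(version) < FIXED_IN


def check_installed_sudo() -> str:
    """Query the local sudo (no privileges needed) and report its status."""
    try:
        out = subprocess.run(
            ["sudo", "--version"], capture_output=True, text=True, check=True
        ).stdout
    except (FileNotFoundError, subprocess.CalledProcessError) as exc:
        return f"could not query sudo: {exc}"
    ver = parse_sudo_version(out)
    state = "AFFECTED" if is_affected(ver) else "not affected"
    return f"sudo {'.'.join(map(str, ver))} is {state} by CVE-2019-14287"


if __name__ == "__main__":
    # Constructed banner lines standing in for real `sudo --version` output.
    for banner in ("Sudo version 1.8.27p1",
                   "Sudo version 1.8.28",
                   "Sudo version 1.9.5p2"):
        v = parse_sudo_version(banner)
        print(f"{banner:28s} -> {'affected' if is_affected(v) else 'fixed'}")
    print(check_installed_sudo())
```

The version check alone does not prove exploitability: the bypass also needs a Runas specification that permits all users except root, so review `sudo -l` output for `(ALL, !root)`-style entries on hosts that report an affected version.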

Malware Analysis – Malware Classification And Identification

Malware Classification & Identification Malware classification is the process of grouping malware samples based on characteristics they share with previously analyzed samples. Examples of such characteristics are strings and binary code. What's wrong with hash-based identification/classification? Attackers change the content of their samples to evade hash-based identification/classification. Cryptographic hashing is only […]

Malware Analysis – Examining The Resources Section

Examining The Resources Section (.rsrc) The resources section contains the files and data that the executable uses or requires, for example icons and dialogs. Why is it important? Attackers can use the resources section to store additional malicious files and data such as payloads, droppers and configuration information. The resource section is also useful […]
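A concrete way to act on this point during triage is to locate `.rsrc` from the PE section table and look at how big it is and how random its bytes are: icons and dialogs are structured, low-entropy data, while an embedded encrypted or packed payload pushes the entropy towards 8 bits per byte. The parser below is an added example, not code from the original post or from any PE library; it walks the standard DOS/COFF/section-table layout with only the standard library. The `build_test_pe` helper constructs a minimal, non-runnable PE image purely so the example can execute offline, and the 7.0 entropy threshold in `rsrc_info` is an assumed triage heuristic, not a value from the post.

```python
"""Locate and characterise the .rsrc section of a PE file.

Added example (not from the original post). Reads the section table
directly with struct; no third-party PE parser is used.
"""
import math
import struct
from collections import Counter

# IMAGE_SECTION_HEADER: Name[8], VirtualSize, VirtualAddress, SizeOfRawData,
# PointerToRawData, PointerToRelocations, PointerToLinenumbers,
# NumberOfRelocations, NumberOfLinenumbers, Characteristics (40 bytes)
SECTION_HEADER_FMT = "<8sIIIIIIHHI"
SECTION_HEADER_SIZE = struct.calcsize(SECTION_HEADER_FMT)
ENTROPY_THRESHOLD = 7.0  # assumed heuristic: above this, treat data as packed/encrypted


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte, 0.0 for empty input, at most 8.0."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def list_sections(pe: bytes) -> list:
    """Return [(name, virtual_size, virtual_address, raw_size, raw_offset)]."""
    if pe[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", pe, 0x3C)[0]
    if pe[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    num_sections = struct.unpack_from("<H", pe, coff + 2)[0]
    size_of_optional = struct.unpack_from("<H", pe, coff + 16)[0]
    table = coff + 20 + size_of_optional  # section table follows the optional header
    sections = []
    for i in range(num_sections):
        name, vsize, vaddr, rsize, roff, *_ = struct.unpack_from(
            SECTION_HEADER_FMT, pe, table + i * SECTION_HEADER_SIZE)
        sections.append((name.rstrip(b"\0").decode("ascii", "replace"),
                         vsize, vaddr, rsize, roff))
    return sections


def rsrc_info(pe: bytes):
    """Carve the raw bytes of .rsrc and summarise them; None if absent."""
    for name, _vsize, _vaddr, rsize, roff in list_sections(pe):
        if name == ".rsrc":
            blob = pe[roff:roff + rsize]
            ent = shannon_entropy(blob)
            return {"raw_size": rsize,
                    "entropy": round(ent, 3),
                    "suspicious": rsize > 0 and ent > ENTROPY_THRESHOLD}
    return None


def build_test_pe(rsrc_payload: bytes) -> bytes:
    """Constructed minimal PE image (not a real executable) with .text and .rsrc.

    Only the fields the parser above reads are meaningful.
    """
    opt = b"\x0b\x01" + b"\0" * 94           # PE32 magic + padding, 96 bytes
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, len(opt), 0x102)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)   # e_lfanew = 0x40
    text = b"\xC3" * 16                      # 16 x RET, a stand-in for code
    text_off = len(dos) + 4 + len(coff) + len(opt) + 2 * SECTION_HEADER_SIZE
    rsrc_off = text_off + len(text)

    def hdr(name, data, off, va):
        return struct.pack(SECTION_HEADER_FMT, name.ljust(8, b"\0"), len(data),
                           va, len(data), off, 0, 0, 0, 0, 0x40000040)

    return (dos + b"PE\0\0" + coff + opt
            + hdr(b".text", text, text_off, 0x1000)
            + hdr(b".rsrc", rsrc_payload, rsrc_off, 0x2000)
            + text + rsrc_payload)


if __name__ == "__main__":
    # Constructed payloads: one icon-like low-entropy blob, one "encrypted" blob.
    benign = build_test_pe(bytes(range(16)) * 64)
    packed = build_test_pe(bytes(range(256)) * 16)
    print("sections:", [s[0] for s in list_sections(packed)])
    print("benign  .rsrc:", rsrc_info(benign))
    print("packed  .rsrc:", rsrc_info(packed))
```

On a real sample, replace the constructed image with `open(path, "rb").read()`; a `.rsrc` that is both unusually large relative to the rest of the file and close to 8 bits of entropy is worth carving out and examining as a possible embedded payload or configuration blob.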