A look back at a cybersecurity event that was small in scale but rich in technical depth: Auvergn’Hack. While everyone’s eyes were on the FIC, another event quietly made its mark—far from the hustle and bustle of Lille: Auvergn’Hack. A down-to-earth, tech-focused conference with hands-on workshops and talks in the morning, followed by a CTF in the afternoon. During the CTF, I focused on the reverse engineering challenge. This article is the write-up of the “driverlicence1” challenge. ...
CTF #2 -Auvergn'hack 2025 - driver licence 2
A look back at a cybersecurity event that was small in scale but rich in technical depth: Auvergn’Hack. While everyone’s eyes were on the FIC, another event quietly made its mark—far from the hustle and bustle of Lille: Auvergn’Hack. A down-to-earth, tech-focused conference with hands-on workshops and talks in the morning, followed by a CTF in the afternoon. During the CTF, I focused on the reverse engineering challenges. This article is the write-up of the “driverlicence2” challenge. It is a follow-up to the first one, but there is no technical link between the two. ...
Exploitation #2 -Linux Library Injection Part 2. Ptrace
Library injection is a powerful technique that modifies the behavior of an existing process by dynamically loading external libraries into it. In this article, we delve into a more advanced approach using ptrace, a system call that grants deep control over a running process. This article is presented as a technical report based on a conference presentation. Ptrace: the ptrace() system call lets one process (the tracer) observe and control the execution of another process (the tracee), including reading and writing its registers and memory image. To inject libraries, I utilized several of these capabilities of ptrace(). This section presents the custom functions used for library injection, along with the mechanisms for error handling and debugging. ...
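The two primitives every ptrace-based injector is built on are "read the tracee's memory" and "write the tracee's memory", and both go through PTRACE_PEEKDATA/PTRACE_POKEDATA one machine word at a time. The following is an added example, not code from the article or the talk it reports on: it forks a tracee that consents with PTRACE_TRACEME, stops it, reads and overwrites a buffer in it, resumes it and checks what the tracee observed. The global `g_target` and the helper names are constructed for the demo; without an exec() the child's copy of the global sits at the same address, which stands in for an address you would otherwise locate through /proc/PID/maps. The subtle point shown is the trailing partial word: POKEDATA only writes whole words, so the last word is fetched and merged before being written back.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE
#endif
#include <errno.h>
#include <signal.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/ptrace.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Read `len` bytes of tracee memory at `addr`, one word per PEEKDATA call.
 * PEEKDATA returns the word itself, so -1 is an error only when errno is set. */
static int tracee_read(pid_t pid, uintptr_t addr, void *buf, size_t len)
{
    unsigned char *out = buf;
    for (size_t done = 0; done < len;) {
        errno = 0;
        long word = ptrace(PTRACE_PEEKDATA, pid, (void *)(addr + done), NULL);
        if (word == -1 && errno != 0)
            return -1;
        size_t n = len - done < sizeof word ? len - done : sizeof word;
        memcpy(out + done, &word, n);
        done += n;
    }
    return 0;
}

/* Write `len` bytes into tracee memory at `addr`. POKEDATA writes whole words,
 * so a trailing partial word is fetched and merged first, leaving the tracee's
 * bytes beyond `len` untouched. */
static int tracee_write(pid_t pid, uintptr_t addr, const void *buf, size_t len)
{
    const unsigned char *in = buf;
    for (size_t done = 0; done < len;) {
        long word = 0;
        size_t n = len - done < sizeof word ? len - done : sizeof word;
        if (n < sizeof word) {
            errno = 0;
            word = ptrace(PTRACE_PEEKDATA, pid, (void *)(addr + done), NULL);
            if (word == -1 && errno != 0)
                return -1;
        }
        memcpy(&word, in + done, n);
        if (ptrace(PTRACE_POKEDATA, pid, (void *)(addr + done), (void *)word) == -1)
            return -1;
        done += n;
    }
    return 0;
}

/* Constructed tracee state for the demo, inherited by the child across fork(). */
static char g_target[32] = "original";

static int abort_tracee(pid_t pid, int rc)
{
    kill(pid, SIGKILL);
    waitpid(pid, NULL, 0);
    return rc;
}

/* Forks a tracee, reads its g_target, overwrites it with `payload`, resumes it
 * and returns the tracee's exit status, i.e. strlen() of what the tracee saw.
 * Returns -1 if ptrace is unavailable and -2 if the initial read did not match. */
int demo_patch_tracee(const char *payload)
{
    int status;
    char seen[sizeof g_target];
    pid_t pid = fork();
    if (pid < 0)
        return -1;
    if (pid == 0) {
        /* Tracee: consent to tracing, stop for the tracer, then report. */
        if (ptrace(PTRACE_TRACEME, 0, NULL, NULL) == -1)
            _exit(255);
        raise(SIGSTOP);
        _exit((int)strlen(g_target) & 0xff);
    }
    if (waitpid(pid, &status, 0) == -1 || !WIFSTOPPED(status))
        return abort_tracee(pid, -1);
    if (tracee_read(pid, (uintptr_t)g_target, seen, sizeof seen) == -1)
        return abort_tracee(pid, -1);
    if (strcmp(seen, "original") != 0)
        return abort_tracee(pid, -2);
    if (tracee_write(pid, (uintptr_t)g_target, payload, strlen(payload) + 1) == -1)
        return abort_tracee(pid, -1);
    /* Resume with signal 0 so the pending SIGSTOP is swallowed, not delivered. */
    if (ptrace(PTRACE_CONT, pid, NULL, NULL) == -1)
        return abort_tracee(pid, -1);
    if (waitpid(pid, &status, 0) == -1 || !WIFEXITED(status))
        return -1;
    return WEXITSTATUS(status);
}

int main(void)
{
    printf("tracee reported strlen = %d\n", demo_patch_tracee("injected!"));
    return 0;
}
```

A real injector uses the same two helpers to drop a path string and a small stub into a writable region, then sets the tracee's registers with PTRACE_SETREGS so execution reaches dlopen(); the register-level part is left out here. Note that Yama's `kernel.yama.ptrace_scope` sysctl decides whether attaching to an unrelated process is permitted at all: TRACEME on your own child works at scope 1, attaching to arbitrary same-uid processes needs scope 0 or CAP_SYS_PTRACE.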
Exploitation #1 -Linux Library Injection Part 1. LD_PRELOAD
Library injection is a powerful technique that allows modifying the behavior of an existing process by dynamically loading external libraries. In this article, we will explore the principles of library injection, its different approaches, and its practical applications. Library injection is a common technique used by attackers to execute arbitrary code within the address space of a legitimate process. This technique is widely used in malware, rootkits, and red team operations. In Capture The Flag (CTF) competitions, understanding library injection is valuable for binary exploitation, reverse engineering, and forensics challenges. ...
From zero to hardware hacker #7 -Ph0wn prechall 2024 write up part. 1
Ph0wn is a Capture the Flag and workshop event dedicated to smart devices. Our CTF and workshops are consequently connected (sometimes a bit loosely!) to smart devices. For example, we have had CTF challenges involving connected coffee machines, drones, and satellites, as well as workshops on Ghidra for ARM and Hydrabus. Like last year, ph0wn offers a pre-challenge. Here is the write-up. Step 1: The CTF starts on the ph0wn teaser website with these instructions: ...
From zero to hardware hacker #6 -GSM passive reconnaissance using BladeRF
One of the main goals of purchasing the BladeRF is to delve into GSM hacking, specifically targeting 2G networks (SMS and MMS). This article aims to explore this field, starting with passive reconnaissance as the initial step in our investigation. I am very excited to embark on this journey. However, it is important to note that this activity is legally borderline. I urge you to respect people’s privacy, be mindful of your actions, and avoid intruding into others’ lives. ...
From zero to hardware hacker #5 -Getting started with BladeRF
I finally gave in and bought a BladeRF. After withdrawing money from my life insurance and the savings intended for a house, I decided to purchase the bladeRF 2.0 micro xA4. The BladeRF is a tool that enables Software-Defined Radio (SDR) on frequencies ranging from 47 MHz to 6 GHz, with two full-duplex RX/TX channels. One of the main advantages of the BladeRF is its compatibility with the majority of open-source radio tools. It is a widely recognized tool in the field, providing extensive documentation and community support. Even though it’s quite common for this type of device, the data processing on an FPGA is remarkable. This feature alone makes it a little gem. Just a small note: I chose a kit with a plastic case, but it’s better to get a metal case to protect the device from interference. In case you’re wondering what to get me for Christmas ;). ...
Road to OSCP #5 -Hack the box "Lame" write up
Welcome to the “Road to OSCP” series! Today, we’re diving into the Lame machine from Hack The Box (HTB). This machine is part of the recommended HTB machines for OSCP preparation, curated by “TJNULL.” Let’s get started. Enumeration: We’ll start with a simple enumeration using Nmap, which reveals several interesting ports and their associated software versions: The FTP server appears particularly interesting, as the version it reports might carry a backdoor that allows us to gain a shell: ...
Road to OSCP #4 -Hack the box "Perfection" write up
Welcome to the latest installment of “Road to OSCP”, a blog series chronicling my pursuit of the OSCP certification. In today’s episode, we’ll explore the “perfection” machine on the Hack the Box platform. While this Linux-based machine isn’t typically recommended for OSCP preparation, it’s a recent addition to the platform. Diving into newer machines can provide fresh challenges and learning opportunities. Let’s delve into what makes the “Perfection” machine intriguing and potentially beneficial for our hacking skills. ...
Road to OSCP #3 -Hack the box "Devel" write up
Welcome back to “Road to OSCP”, a series where I share my journey toward obtaining the OSCP certification. In this second episode, we turn our attention to the “Blue” machine on the “Hack the Box” platform. I continue with another machine from the “TJnull” VM list. This machine is based on Windows, providing another opportunity to hone our skills in a familiar yet challenging environment. Enumeration: First, we’ll conduct an nmap scan to identify what services are running on the machine: ...