1. Introduction After downloading lordkiske-server.ova, use the sha256sum command to get the hash. The flag: wgmy{the_sha256_hash} To make the following steps easier, I decided to extract the lordkiske-server.ova and mount the VMDK image inside it…
Wargames.my 2020 write-up: Web- Jika Kau Fikirkan Kau Boleh
Being the first person to solve this challenge, I was quite proud of myself. This challenge was rather simple, things you will need: a basic understanding of redis-cli a PHP shell that can execute system…
Read more of Wargames.my 2020 write-up: Web- Jika Kau Fikirkan Kau Boleh
Laravel multi-tenancy via subdomain DNS setting (Manjaro Linux, dnsmasq)
Recently I was setting up my development environment for my Laravel project. This time I wanted to try out Laravel Homestead. This project implements a multi-tenant, in which each user will receive their own subdomain.…
Read more of Laravel multi-tenancy via subdomain DNS setting (Manjaro Linux, dnsmasq)
Troubleshooting Kali Linux 2020.2 64-bit KDE Plasma Installation
I wanted to try Kali Linux for the first time but the installation process was not smooth sailing for me. I encountered errors some of which I did not know how to trace from the…
Read more of Troubleshooting Kali Linux 2020.2 64-bit KDE Plasma Installation
Web shell deobfuscation and analysis: SianTaRUniX
I came across another web shell repository on GitHub and decided to peek into the obfuscated shells. This time I will be deobfuscating WebShell_0ba8e8b6c1334b8335a9a9374bfb1109c0371478.php . This is a rather peculiar one as it is tailored…
Read more of Web shell deobfuscation and analysis: SianTaRUniX
Deobfuscating PHP webshell: Alfa Shell v3
PHP shell is one of the common payload used by attackers to take over a website i.e. deface, dump the database. I came across a GitHub repository that I had forked a long time ago…
Hello world!
Welcome to my new blog. From now on, everything will be imported and posted here instead of my other unused blogs