Gareth Oates

Gareth Oates

Sign in Subscribe

Equinor CTF | The Projects

Equinor CTF | The Projects

This write-up is about a challenge which was presented to us as part of the Equinor CTF that I took part in with some colleagues. It's been a while since I've done any hacking of boxes so this was a nice way to get back into

Staying Safe Online

Staying Safe Online

With more and more of our daily lives going digital and the ever increasing number of apps one needs to operate effectively in today's society, I thought I would share some tips on how to remain safe and secure on the digital wild west we call the internet.

Windows Privilege Escalation | Services

Windows Privilege Escalation | Services

There are many ways to take advantage of incorrectly configured services to escalate your privileges on a windows machine.

My year in Cybersecurity

penetration testing

My year in Cybersecurity

Since doing the Advent of Cyber 2 event on TryHackme in December 2020, my interest in cybersecurity was well and truly sparked.

Pivoting and Port Forwarding

penetration testing

Pivoting and Port Forwarding

The more difficult boxes I try to complete on TryHackMe or HackTheBox usually involve some form of port-forwarding or even pivoting onto a different machine. I always seem to forget the commands to get this to work properly, so I thought I would have a go at writing about them

HackTheBox | Previse

hackthebox Featured

HackTheBox | Previse

I decided to start trying some of the boxes on HackTheBox for a change, instead of TryHackMe. In the past I've found these to be a bit more difficult generally than THM, so I opted to start with an easy one.

TryHackMe | Inferno

tryhackme Featured

TryHackMe | Inferno

I recently completed the TryHackMe room Inferno. This was a medium rated room and I think that was a pretty accurate rating. I started this capture the flag room the same as any other, with a port scan using the nmap tool. gareth@enso:~/Desktop/Files/Inferno$ nmap -F 10.

TryHackMe | Mustacchio

tryhackme Featured

TryHackMe | Mustacchio

I decided to try another TryHackMe capture the flag room. This time it was Mustacchio. This room involved one of the OWASP Top 10 vulnerabilities called A4:2017-XML External Entities (XXE). This vulnerability, when exploited, can be used to expose internal files, that the user should not be allowed to

TryHackMe | Wekor

TryHackMe | Wekor

This room was a very interesting one which involved a couple of techniques I hadn't used before. It also required using some tools I've used a lot before but for different purposes.

TryHackMe | Internal

tryhackme Featured

TryHackMe | Internal

I finally completed my first ever hard TryHackMe room called Internal. It had a lot of unique methods of exploit including some I hadn't encountered before. It involved using a lot of tools and using experience gained from other earlier CTFs. Port Scanning I started by scanning the

TryHackMe | Archangel

TryHackMe | Archangel

Despite being marked with a difficulty level of easy, this CTF involved quite a few different techniques. There was local file inclusion, log file poisoning, horizontal and vertical privilege escalation.

TryHackMe | Skynet

TryHackMe | Skynet

This room was good fun and involved a few different techniques in order to complete. There was a lot of enumeration and an interesting new technique I learned in order to escalate privileges.

TryHackMe | MrRobot

TryHackMe | MrRobot

After the relative success of the previous room I completed on TryHackMe, it was time to try something slightly more challenging. I really enjoyed watching the show Mr. Robot last year, so when I saw a Mr Robot themed room of medium difficulty, I thought this was the perfect one to try.

TryHackMe | Overpass

TryHackMe | Overpass

This TryHackme capture the flag was an interesting one. The tag-line for the Room was...What happens when some broke CompSci students make a password manager? The answer to that question is, you get your server hacked.

TryHackMe | OhSint

TryHackMe | OhSint

As well as Capture the Flag rooms, TryHackMe also has some OSINT rooms, where you can practice information gathering and analysis. OSINT, or Open-source Intelligence, is the process of researching and analysing information about a target based on what they post on social media...

TryHackMe | Basic Pentesting

TryHackMe | Basic Pentesting

After my success in a previous try hack me room, I decided to have a go at another one. This time it was a bit more difficult, and I have to admit, I needed to check the video at some stages to get some guidance. Never the less, here is how I managed to complete the room.

TryHackMe | Kiba

penetration testing

TryHackMe | Kiba

After going through the TryHackMe exercises for the AdventOfCyber2 Christmas challenge, I decided I wanted to branch out and try and put what I had learned so far into practice.