Nacio-Felix.

Security Engineer @ Doctolib

Hackthebox Sau Walkthrough

This post is a walkthrough of the “Sau” machine from HackTheBox. We exploit a Server-Side Request Forgery vulnerability in Request-Baskets (CVE-2023-27163) to access a hidden Maltrail service. We then leverage a Remote Code Execution vulnerability in Maltrail v0.53 to get a shell as user “puma”. Finally, we escalate to root by exploiting a sudo privilege on the systemctl command that lets them spawn a shell through the less pager.

Raspiblitz - up and running with an NVMe SSD

This blog post serves as a mini-guide for installing RaspiBlitz on a Raspberry Pi 5 8 GB. What is RaspiBlitz? The RaspiBlitz is a do-it-yourself Bitcoin & Lightning full node running on a Raspberry Pi, with a nice (optional) display to make installation and monitoring easier. RaspiBlitz is mainly intended for learning how to run your own decentralized node from home, because: not your node, not your rules. Discover and develop the open-source Bitcoin ecosystem by becoming a full member. The different parts needed. Parts:

🚀 Bitcoin ATMs: Bringing Crypto to Your Favorite Spaces

Are you a bitcoiner interested in this project? You can fill out this form. The official site for this project is over at altermoney. The Vision 🎯 We’re on a mission to make cryptocurrency accessible to everyone by strategically placing Bitcoin ATMs in the spaces where people naturally gather, work, and relax. From bustling coffee shops to dynamic coworking spaces, we’re bringing digital currency into everyday life.

HackTheBox PermX Walkthrough

PermX is an Easy Linux Box proposed on HTB. I really enjoyed it and I think it’s a good machine for beginners to see some techniques and to think out of the box. Let’s get started! Reconnaissance: nmap. First thing, I launched an nmap scan with nmap -sV -sC -oN tcpscan 10.10.11.23 -p- and I added -p to be sure to not miss any strange TCP ports

Actual Budget Docker Update

What is Actual Budget? Actual Budget is an OSS project (hosted on GitHub). The README reads the following: Actual is a local-first personal finance tool. It is 100% free and open-source, written in NodeJS, it has a synchronization element so that all your changes can move between devices without any heavy lifting. Running Actual Budget: In my case I’m running Actual through Docker with the following configuration:

Kvrn.cc Introduction

Some time ago I was thinking about creating a new “linkinbio” tool that would be better than the main player on this market, which is linktr.ee. I started designing new pages as you can see below: Even if I had some ideas design-wise, the entire coding part is something that usually bores me quickly as I prefer automation and working on scripts for example (or even UX/UI).

How to run Linkstack Through Caddy with Docker

Welcome everyone, in this post we’re going to see how to install Linkstack and run it behind the HTTPS server Caddy. What is Linkstack? As defined on their Landing Page, it is a self-hosted open-source Linktree alternative, a highly customizable link sharing platform with an intuitive, easy to use user interface. How to run Linkstack: Linkstack is built on PHP and Laravel (PHP framework) but the team at Linkstack gives us the opportunity to run their application using Docker.

Sailpoint Cc Unofficial Documentation

Sailpoint CC API unofficial documentation. /!\ Sailpoint discontinued the CC API functionalities described in this post, last updated: 17 Aug /!\ As the companies are always caring for their clients /s there should be a documented way to create applications, search them, update them and so on baked into the official current V3 or Beta documentation of our dear IGA management tool Sailpoint IDN. But of course there is not, so I took time to find calls to this API through analyzing network responses and requests (Thanks Burp and Network tab on Chrome/Firefox)

Steam Deck Wifi Issue

Do you have a problem with the Wi-Fi on your Steam Deck? Does it lose connection and spawn a little orange triangle indicating that your connection is limited, so that you cannot play any games online or download additional ones? Well, you’ve come to the right place for a little troubleshooting session. I have had the same problem as yourself and spent time with the very friendly Steam Support in order to get my Deck back on track, Support steps and solutions that I will share with you in this article.

Introduction

Hello, my name is Nacio-Felix (Andréa) Laubressac. I’m working in cybersecurity and I’ve held some jobs since: Developer, Business Developer, Content Manager, UX/UI Designer, Cyber Threat Analyst, DevSecOps, Corporate IT Security. I’m living in Paris, France and you might see me at some sec meetup or startup one or even live at a hackathon! This site: I will try to post some interesting things here from time to time when I want to share a discovery or some of my work 👋