León Castillejos’ blog

“Never memorize something that you can look up.” - Albert Einstein

Posts - Page 2 of 4

Push notifications for Linux logins

  • 4 min read

An easy walkthrough on enabling instant push notifications for logins and logouts on a Linux system with Pushover. You will need a Pushover account. Pushover is a proprietary service for smartphones, with a single-time purchase application which includes a generous free quota (never ever surpassed the “free” limits for any of my personal projects, and I receive sometimes more than 20 notifications per day). Register for a free account here.

Read More

Automating Proxmox with Ansible

  • 4 min read

Ansible is an automation platform for managing machines. When combined with Proxmox, it becomes a ridiculously powerful tool to orchestrate virtual datacenters.

Read More

Unknowndevice64 writeup

  • 4 min read

This is a short and fun machine available on VulnHub. The machine has no outdated, vulnerable software, but is set up as a fun CTF challenge with a few intentional configuration mistakes you’re supposed to exploit to get a root shell.

Read More

bWAPP writeup

  • 5 min read

bWAPP is a PHP application specifically designed to be exploited. It contains many bugs and vulnerabilities, and allows you to select the security level, similar to the well known Damn Vulnerable Web Application. You can download it here.

Read More

Kuya 1 writeup

  • 8 min read

This is a relatively easy to crack machine. Let’s start with the basics: Reconnaissance.

Read More

The five phases of ethical hacking

  • 1 min read

An Ethical Hacker is someone who specialises in computer security through what’s known as “Penetration Testing”, which are series of exercises carried out against computer systems to spot vulnerabilities and weaknesses.

Read More

Post-Exploitation: spawning a shell

  • 3 min read

Once you have gained shell access on a machine, you will often find the prompt extremely limited, especially if you have used manual exploitation. In these cases, the shell often cannot perform basic tasks that you would expect from a fully interactive shell prompt like Bash, or zsh. You will also be unable to run intensive interactive commands such as the Vim text editor, or ncurses-based programs.

Read More

What Apple’s T2 chip means for the security of Macs

  • 4 min read

An article by Mac Rumors was recently published, revealing Apple had designed a component, which, according to an Apple document, would “result in an inoperative system” in the event a hardware replacement or repair was performed without running a proprietary diagnostics solution after.

Read More