April 2021 Check-In

A synopsis of things that interested me this month

Posted by Asa Hess-Matsumoto on Monday, April 19, 2021
Last Modified on Monday, April 26, 2021

Preamble

This month there were a variety of subjects that caught my eye:

  1. Flawfinder
    This month I continued to advance my comprehension in static code analysis by leveraging the Flawfinder command-line tool. In brief, flawfinder searches through C/C++ source code looking for potential security flaws. Any potential vulnerabilities discovered are output to the command line ranked 1 to 5 (with 5 being the most severe). I leveraged this tool recently while working through a binary exploitation problem; while ultimately I’d like to develop my own comprehension to recognize these vulnerabilities on my own innately, for now tools like this can help direct and guide me.
  2. Website updates
    Something that’s been bugging me for quite a while has been that every time I posted an update to my website, Netlify notified me of the presence of a mixed-content vulnerability. Furthermore, I only just realized that my Search function was totally disabled; users could navigate to the Algolia search bar, but no results would appear from searching. All-in-all, this was bothersome enough to be irritating, but functional enough to be put off. Well, this month I got to troubleshooting!

    The first issue was a quick fix; reviewing the logs showed that I was including references to an HTTP page nestled in amongst the various HTTPS pages of my site. Fortunately, the logs directly pointed me to the content. This was a quick and easy fix.

    The next issue was a bit more…troublesome. In fact, I’m not entirely certain I understand how I’ve resolved it (because, truth be told, Hugo and web site hosting are at the horizon’s edge of my web development comprehension). However, I believe the following occurred: first, because I wasn’t regularly engaging/updating my Algolia index, it was deleted. Because my site is statically generated via Hugo, this meant that there were no records for my Search page to pore over. When I re-created my index in Algolia, it wasn’t re-populating with records because various files within my Hugo site (namely, config.toml and .env) were not set to the correct API key, index name, and application ID. Finally, even with all of these fixed, I wasn’t running npm and committing the changes to the algolia.json file to the GitHub repo, which Netlify uses to deploy the site.

    While I could have done all of this manually, fortunately Netlify now has an Algolia plugin to help automate some of this functionality. Now my index updates every time my site deploys (i.e. with every post!). There are still some aesthetic changes I’d like to make (for example, I don’t really like how my site outputs the search results at the moment), but it is functional!
  3. First GitHub Contribution
    After being the beneficiary of so many projects that exist on GitHub, I finally made my first contribution to an existing git repository. Now, I’ll preface upfront that my contribution was small - but this mention is more to highlight the act of contributing to a project than necessarily adding a wildly brilliant/innovative feature.

    Now, this change stemmed from an attempt to use RsaCtfTool.py, a useful cryptography tool developed to help resolve common crypto problems encountered. I found that when I attempted to use the tool, an error would appear; turns out, when I looked at the project’s issues on GitHub, someone else was also seeing the same error. I really wanted this tool to work, so I took a look and attempted to figure out what was going on; best I could figure at a glance was that there was a particular line of code that was erroneous - by commenting out the line, I got the tool to work.

    I wanted to share my fix, so I referenced some instructions online in order to fork the project repo to my account, commit the requisite changes, then initiate a pull request to the original project to have the changes made to the master branch. All-in-all, not the most remarkable feat (especially for those who do software development) but it was something of a milestone for me; more than simply engaging a pull request, this moment marked a level of confidence in my own abilities so as to diagnose and recommend a fix in someone else’s program.
  4. Pivoting
    I began engaging with one of HacktheBox’s Pro Lab environments this month in a “practice-makes-perfect” exercise. Immediately, I came to realize that there was a fundamental skillset in my penetration testing toolbox that I needed to develop: pivoting!

    In most practice environments and Capture-the-Flag events, there is a single, direct target to attack and compromise; the act of post-exploitation generally is restricted to activities related to privilege escalation. By contrast, the Pro Labs offered by HacktheBox model real-world networks where multiple computers, servers, and other devices are connected by and through routers and firewalls. A pivot is a machine within the target network that can be used to launch further attacks on other targets.

    When I was studying for the OSCP, the accompanying PWK training materials did touch on some pivot techniques. In fact, their practice lab environment includes layers of machines that are accessible only via pivoting. However, ultimately the skill is not prioritized for the exam and so I only engaged with it in the context of the PWK labs.

    I’ve had to refresh and learn more about how to use tools like chisel, proxychains, and meterpreter’s own options for pivoting. A full writeup on this is warranted in the future, but I’m just enjoying getting some practice done in the meantime.
  5. Finals
    Next week finals open up for my graduate school course, which is just as well, as I have some work travel to perform the subsequent week! I’ve really come to appreciate this course in Operating Systems - it’s helped provide some generalized context for some information I was already aware of as well as massively expanding my understanding of file systems, shared memory, system calls, virtualization, and more.

    I’ve already signed up for my next class - Computer Networks - starting next month. Besides satisfying yet another prerequisite in the Computing Systems Specialization, it also touches on several aspects of my profession that I find interesting. Moreover, the course is rated as being one of the easier ones offered by my program - which will be a nice reprieve following the time-intensive work I had to pour into my current course.