Disable macOS Dock’s Bounce to Alert Behaviour
In Terminal
Install A Font in WINE
You can add them to ~/.wine/drive_c/Windows/Fonts/ and then restart. Source
Homebrew: fatal: Needed a single revision
Solution: cd $(brew –repository) && git fetch && git reset –hard origin/master Source
.ssh/config: line 7: Bad configuration option: useroaming on macOS 10.12 Sierra
Line 7 is UseRoaming no which I because of CVE-2016-0777 Solution: Comment out that line as the version of OpenSSH that ships with macOS 10.12 no longer had that insecure feature.
Exploit Exercises Nebula 5: Level 09 Write Up
Level: https://exploit-exercises.com/nebula/level09/ There’s a C setuid wrapper for some vulnerable PHP code… To do this level, log in as the level09 account with the password level09. Files for this level can be found in /home/flag09. Using the e modifier is dangerous and has been removed as of PHP 7.0.0. It allows PHP code in the second argument. There is a $useme parameter which might come in handy. So what happens is you pass it a file and it looks for…
Exploit Exercises Nebula 5: Level 08 Write Up
Level: https://exploit-exercises.com/nebula/level08/ World readable files strike again. Check what that user was up to, and use it to log into flag08 account. To do this level, log in as the level08 account with the password level08. Files for this level can be found in /home/flag08. What’s that capture.pcap? Lets load that in Wireshark. Lets open our Kali VM. Open capture.pcap in Wireshark. Right click on the first entry, mouse over Follow and click on TCP Stream. This shows us some…
Take a Screenshot Using VMWare Fusion on macOS
Use the escape key combination: ctrl+command Then using the regular macOS screenshot shortcuts. https://support.apple.com/en-au/HT201361
Exploit Exercises Nebula 5: Level 07 Write Up
Level: https://exploit-exercises.com/nebula/level07/ The flag07 user was writing their very first perl program that allowed them to ping hosts to see if they were reachable from the web server. To do this level, log in as the level07 account with the password level07. Files for this level can be found in /home/flag07. … The program allows command injection via ?Host= Lets set it to localhost; getflag But how do we run it? There is a thttpd.conf in that directory, can we…
Exploit Exercises Nebula 5: Level 06 Write Up
Level: https://exploit-exercises.com/nebula/level06/ The flag06 account credentials came from a legacy unix system. To do this level, log in as the level06 account with the password level06. Files for this level can be found in /home/flag06. Gives us flag06:ueqwOCnSGdsuM:993:993::/home/flag06:/bin/sh Now fire up Kali because we need to use John the Ripper flag06:hello:993:993::/home/flag06:/bin/sh Our password is hello Back on the Nebula system: You have successfully executed getflag on a target account.
Exploit Exercises Nebula 5: Level 05 Write Up
Level: https://exploit-exercises.com/nebula/level04/ Check the flag05 home directory. You are looking for weak directory permissions To do this level, log in as the level05 account with the password level05. Files for this level can be found in /home/flag05. You have successfully executed getflag on a target account.