Using pfSense on your internal network?

and NAT won’t work? Don’t be me. Don’t forget to uncheck ‘Block private networks and loopback addresses’ and ‘Block bogon networks’ from your WAN interface.

As you would expect, if you’re using pfSense as a router between VLANs which are on private network addresses, that setting will ruin your day 🙂

More to come on my lab setup 🙂

Dell R710 & VGA

Have you just picked up a stacked Dell R710 for a bargain price, ready to build a sweet infosec lab?

You know what I mean. All the fruit. Dual Hex core Xeons, a stack of SAS disk and a huge amount of RAM?

It’s a thing of beauty! It’ll run a bunch of VMs and anything you could ever throw at it in a home environment. But, there’s only one issue. Everything seems to work, except VGA.

Did you do what I did? Did you grab a random VGA-to-HDMI cable then plug it into a HDMI-to-DVI adapter, and stick it into the closest spare LCD/TFT monitor you had handy? Then, the VGA didn’t work?

Well. It COULD be the cable, even if that same cable works on other systems!

Firstly, if your iDRAC6 Enterprise works, then your VGA works, so this is the first thing to check. This isn’t without its own set of issues in a modern environment where Java is essentially deprecated, but for that /r/homelab to the rescue again!

But, thanks to the super fine folk over at /r/homelab (who are almost entirely to blame for me buying an R710) they provided the hints needed which led to…

Success!

It does seem that the VGA chipset is incredibly shitty and it can’t even run a basic converter to DVI, which I guess is understandable given it’s a server that doesn’t have a monitor connected for 99% of its life.

So, give that a go!

Dell Optiplex 9010 & VMWare ESXi 6.5

Recently work upgraded a number of staff machines to the latest Dell workstations. My manager organised for much of the surplus hardware to be made available for sale to us, should we wish to purchase it, and it was also priced very well given it was 2 – 3 year old hardware.

I was especially interested as I enjoyed working on that workstation and it always had plenty of grunt to run a few VMs while I was working (often I’d have a Kali VM and a Debian VM running) in addition to two copies of Visual Studio with both of them debugging, but it was now out of warranty and as big organisations often do, they replaced it. I put my hand up to purchase the hardware, without instantly having a use for it, but knowing it was still fast and had been ultra reliable.


Homebrew recipes, now with 100% more GitHub!

A few weeks ago, I decided to share some of my brewing recipes. At the time I was also setting up a fairly comprehensive (private) dotfiles repo. This is because I’m trying to refine my life and my workflow to use more native unix tools; but then I realised – why not just use GitHub to share the recipes?

That will fit my workflow very well: I can keep my local recipes in sync with GitHub very easily. Not to mention, given the surprisingly large number of brewers who also work with technology, this may work for them, too.

My recipes, all in BeerXML format, are located at https://github.com/vortexau/HomebrewRecipes/. If you’re handy with Git, feel free to clone and send pull requests with improvements!


PWK/OSCP – Stack Buffer Overflow Practice

When I started PWK, I initially only signed up for 1 month access. I was putting in a huge amount of time in the labs, learning what I thought would be enough to get through the exam, without completing the buffer overflow section of the exam.

I was scared of buffer overflows, all that hex and assembly, shellcode, memory addresses, endianness… I tried to skip it.


OSCP Exam – Preparation, Exam Day & Report Day

In December 2016 I set the goal of achieving the OSCP certification by the end of June 2017. I have been in a development role at my current employer for 8 years – they’ve been incredibly good to me and I love working there – but I want to move into more of a security focussed role so I figured I would need a serious certification to achieve this. I’d love to stay with the employer I am with, and our current security team has said my skillset is such that I complement their skills, and would be great to assist our other developers with security.

This week I achieved that goal!


Try Harder. No, harder! Keep going… TRY HARDER!

Try Harder! It sounds like an annoying catch phrase, doesn’t it? I thought the same, when I started PWK in January.

I thought that you do, or you do not. There is no try.

Well, having now completed my OSCP exam and lab report and having been granted the OSCP certification, I now know there is no do – there is only TRY HARDER!

“Try Harder” is a hard concept to explain. It’s probably even a very individual concept to each person who does the certification – but I know for certain that the PWK labs and the OSCP certification exam challenged me more in a short period of time than just about anything else in my professional career!

I’ve done some challenging things as a developer. Designing a secure solution for single sign on from a custom mobile application into another custom application was challenging. Designing a protocol to allow a staff member to emulate student access to a major system in an afternoon was challenging. But, these were challenging in a different way. At 3pm in the afternoon after documenting the protocol for HMAC data validation in a custom mobile application, if I get tired, and assuming I have managed my time correctly, I can task-switch to something else for the rest of the day to give the grey matter a break.

That’s challenging. Putting yourself in the mindset of an attacker for hours on end, considering what they could see on the wire, what the protocols in use are, what known weaknesses the protocols have and how they can be mitigated – that’s all pretty challenging stuff. It’s also a place I thrive in!

Then 5pm comes along – and off to the pub you go. It simmers in the back of your mind over the weekend, but not much more thought is given than that.

But PWK and the OSCP exam take the concept of challenging to a whole other level. 24 hour exam. 5 hosts. 70 points required. Metasploit on one host only. No commercial tools. But, then it’s not over. Not by a long shot. You then have 24 hours to prepare and submit your lab & exam report. This in itself is a tough challenge, and if you’re also submitting your 10 lab hosts you’d better make sure they’re finished BEFORE you need to document your 5 lab hosts!

The OSCP exam itself isn’t just a penetration testing challenge, it’s a test of your stamina. It’s a test of your preparation. It’s a test of your time management skills.

It is a test of YOU.

It gets tough.

It gets really tough.

But, if your preparation is right, if your skills are on, and if the luck is with you – it all falls into place.

But. Here’s the thing. It only falls into place if you…

TRY HARDER!

It’s kind of intangible. It’s hard to explain.

If you’re considering doing PWK, you’ll just have to jump in and find out for yourself.

Running Keepnote on OS-X/macOS.

I sat down tonight to work on my PWK/OSCP lab report (Yeah, I’ve been doing PWK!) before my upcoming exam, and intended to use Microsoft Word on my Mac to write it up in, just because I’m familiar with it. But, of course, all my notes are in Keepnote which runs on Kali.

Sure, I can run Kali in a VM on my laptop, and I actually already do, but I don’t at all fancy wrangling with cross-VM copy/paste etc. Sure, my data is stored in a synced cloud service, so it’s actually already even available on my macOS drive anyway, but, it would be nice to just use Keepnote natively to access the notes.

Turned out there’s a couple of hoops to jump through, to be expected I suppose – as unfortunately Keepnote appears to be all but abandoned, given the latest version is from 2012.

I found some details at highon.coffee, which were a good start. Unfortunately, there was perhaps already a dependency installed on the laptop used there, or perhaps Brew has just changed that much, that the dependencies suggested didn’t work for me.

I used the first couple of suggestions, but needed to work out an issue with Glade missing from pygtk, but a couple of Googles later, I have it worked out. The updated pygtk install command required is:

brew install --verbose pygtk --with-libglade

Possibly the .dmg installed on highon.coffee provided glade, but brew doesn’t. Not sure… Anyway, Keepnote works on macOS 🙂

I’m intending to blog once a week once I’m done with OSCP, but we’ll see how that goes. Hopefully I will be certified OSCP by July, which was my goal when I signed up at the start of the year 🙂

SecTalks 0x05 – December Meeting – Modern Honey Net

I did a short presentation at SecTalks Adelaide 0x05 on December 7th.

It honestly wasn’t anything too groundbreaking, but I have enjoyed running an SSH honeypot so far; I really enjoy the fact I’m collecting malware and submitting it to VirusTotal. So far I have about 35 malware samples that VT didn’t know about that I have submitted! Every little bit helps!

Here are my slides: ModernHoneyNet