Recent Posts

Tenet - Hack The Box

Writeup of the Tenet Hack The Box machine. In this machine we will face two common vulnerabilities. The first one is a serialization issue and the second one is a Time of Check, Time of Use (ToC-ToU).

How does Radar COVID work?

In this post we will analyze the application that the Government of Spain has made available to citizens to check whether they have been exposed to the virus without revealing the identity of the users, that is, anonymously, and we will see how they have done it.

Web challenge

This is an interesting web challenge where the user needs to bypass the command input in order to execute commands and get the flag. I will be explaining how to bypass the command input and some cool tricks PHP has to write code without alphanumeric characters.

Insecure PEAP Networks?

As part of a red team exercise, gaining a foothold is key in our path to achieving AD control. In this post I will be talking about WPA2 Enterprise networks, how PEAP works, why many deployed PEAP networks are insecure, how to take advantage of this to gain access and, finally, how to prevent it.

Leaking NTLM Hashes

Leaking hashes is not something new; however, it is still possible to do it, mainly because it is a feature that is enabled by default. It is caused by a design flaw in Windows related to user authentication. In order to implement single sign-on, Windows will try to authenticate to each server with the user credentials in the form of NTLM hashes. In this post I will explain which types of NTLM hashes there are, which ones are used for pass-the-hash, how to relay hashes and some techniques to leak them.