Problem Recently I have the need to write code that interacts with kubernetes outside and inside the cluster. Outside is easy I can just execute my application on the host and it sends the requests off to the API. Developing insight would be a pain if everytime I made a change to a line of code I would have to rebuild the container image and redeploy the pod using that new image.
Introduction and motivation Recently at work I had a requirement to provide clients static IPs for our kubernetes cluster. AWS managed load balancers are fantastic but due to their elastic scale-ability you can not guerentee what IP addresses your load balancer is using. Fortuantly AWS provides the Layer 3 Network LoadBalancer (NLB). The NLB allows for Elastic IPs to attached to it, providing static IPs.
Because we are using an ingress-controller, nginx in this case, a Layer 3 loadbalancer is completely adequate, as the ingress-controller will handle routing to k8s services on the application layer.
What is SMB? Info Server Message Block (SMB) SMB has a pretty bad rep in regards to security espically with the recent, 2017, infamous exploit EternalBlue CVE-2017-0144.
But how can you find it, exploit it, and even use it to help with a red team engagement? Lets find out.
Enumerating Before you can do anything you need to discover shares on the network. From here you can try to see if any shares allow anonymous access or what restricted share exists.
Let’s use hashcat to generate a custom word-list we can make use of with password spraying attacks. Users typically have passwords that have a set pattern, such as if a company has a policy of resetting passwords monthly it is not surpring to find that users have their password contain the current Month of the year. Prehaps a companies password policy is longer you could then expect users to use seasons as part of their password.
HTB Writeup: friendzone Introduction Friendzone was my third box to own on HackTheBox. I learnt alot from this box. Such as exploiting Local File Inclusion (LFI) to have PHP execute my reverse shell, to understanding more about DNS and the ways python imports libraries.
Enumeration nmap Running nmap on a server will give a lot of information on what ports are open on the machine and what services those ports belong to.
So I have started a blog. Here you should find write ups on CTFs and machines on HackTheBox and my experiences in the industry as try to improve my skills in cyber security.
I want to start documenting and recording things I learn to help others but also to serve as notes for myself.
I’m just starting out and very much a noob so do not expect too much.
– Sam