About b0yd (Edit profile)

This author has not yet filled in any details.
So far b0yd has created 27 blog entries.

BMC Patrol Agent – Domain User to Domain Admin

**Important -  thanks to a nice cease and desist letter from BMC, I am obliged to explicitly state that Securifera is in no way affiliated, sponsored, or endorsed with/by BMC. All graphics produced are in no way associated with BMC or it's products and were created solely for this blog post. All uses of [...]

By |2019-03-18T01:36:12+00:00December 17th, 2018|PENTESTING|1 Comment

Metasploit Community CTF 2018 Writeup

Last weekend I participated in the 2018 Metasploit Community CTF. It was a nice break from the Jeopardy style, exploitation heavy CTFs I tend to play in. The setup included two vulnerable VMs, 1 windows, 1 linux ( with a bunch of dockers), and one Kali attack VM. This was the first Metasploit CTF [...]

By |2018-12-10T07:25:59+00:00December 10th, 2018|CTF|0 Comments

AMD Gaming Evolved (Raptr – Plays.tv) Remote File Execution

Background For anyone running an AMD GPU from a few years back, you've probably come across a piece of software installed on your computer from Raptr, Inc. If you don't remember installing it, it's because for several years it was installed silently along-side your AMD drivers. The software was marketed to the gaming [...]

By |2018-10-07T23:38:07+00:00April 15th, 2018|EXPLOITS|0 Comments

Flare-On 4 Challenge 11 Writeup

Flare-On 4  Challenge 11 Writeup For the last several weeks, I've been working through this year's Flare-On competition put on by FireEye. There was a broad range of challenges across various technologies with varying degrees of difficulty. I got to try out a few new tools and really enjoyed working through [...]

By |2017-10-16T03:58:44+00:00October 16th, 2017|CTF|0 Comments

DEFCON CTF 2017 – Divided Writeup

DIVIDED A little over a month ago, LegitBS held the qualifier for this year's DEF CON CTF. As the competition was nearing a close, the organizers released an atypical pwnable challenge, a Windows binary. There are only a handful of CTFs that tend to release Windows exploitation challenges and there is minimal [...]

By |2017-06-18T04:21:26+00:00June 18th, 2017|CTF, EXPLOITS|0 Comments

A Less Dirty Cow

BACKGROUND I recently came across several RHEL 6.x systems during a penetration test our team was performing for a customer. We had gained user level access on these machines and began enumerating privilege escalation possibilities. Given the somewhat recent discovery of the Dirty Cow vulnerability and what appears to be a manual patching [...]

By |2017-01-29T23:46:20+00:00January 28th, 2017|EXPLOITS, PENTESTING|1 Comment

Smart Phishing – Defeating Email Sandboxes

I decided to mix things up a little bit and do a blog post on something a little different than the usual vulnerability research or CTF write-ups. The bulk of our day job is focused on performing long term external assessments on customer networks, so I thought it might be useful to [...]

By |2017-01-28T15:56:08+00:00September 26th, 2016|PENTESTING|0 Comments

Time To Patch: RCE on Meinberg NTP Time Server

During a recent vulnerability assessment for a customer, I ran across an interesting web server while enumerating network enabled devices.  Navigating to the web server presented the management interface for a Meinberg NTP Time Server. This particular hardware appliance was used to provide an accurate time source for time-sensitive applications and hardware components while [...]

By |2016-10-12T16:53:58+00:00July 17th, 2016|EXPLOITS|0 Comments