The Backdoor That Printed Itself

We’ve all gotten the message you never want to get. Mine came in at 11:57 in the morning: a WordPress site I help maintain had been flagged as compromised. Someone had gotten in and left themselves a way back.

Here’s the part I didn’t expect. By the time I finished reading the malicious code, I realized it had never actually worked. The attacker built a perfectly functional backdoor and then, through one tiny detail, accidentally disarmed it themselves.

Let me walk you through what happened, because the why is genuinely fun, and the lesson underneath it applies to anyone who runs a website.

Undocumented APIs

Because I always love to push the envelope and love learning how different services work in the background, I find myself running into undocumented APIs fairly regularly. Through writing many random bots, I've come up with a pretty nice workflow for handling and documenting these APIs.

This article is going to cover how I typically go about the endeavor of documenting unknown APIs.

OverTheWire Bandit Part 2

OverTheWire Returns

In my last post, I walked us through connecting to OverTheWire's Bandit server, and completing level 0 and level 1. Following along with the previous article is a prerequisite to following this article, as you'll need to get the password from the file in level 1 first.

You can view my last post about this by following this link.

OverTheWire Bandit Part 1

What is OverTheWire?

OverTheWire is a website with two games. One is "Wargames", which is a level-based game; the other is "Warzone", which is more of a free-for-all hacking game.

In this series of articles, I'm going to give a walkthrough of how to complete the "Bandit" series of levels on their website.
