Supervised hacking - Senior and the Junior crew

Presented at Disobey 2024, Feb. 16, 2024, 2:15 p.m. (180 minutes).

A supervised hacking session. Get familiar to tools, tactics and methodologies for analysing vulnerable online services. # Attention If you don't come prepared, as stated in the requirements below, we are not gonna wait for you setting up your system, as we don't have time for that. ## What is this workshop about? An unrecorded workshop session in which we solve an interactive TryHackMe (THM) box hacking challenge together. Learn and apply tools, tactics and procedures for analyzing a vulnerable box. The goal is to have a joint hacking session in which you will learn something as well as be able to put what you have learned into practice. You should actively participate in the workshop. ## Requirements * Own laptop * TryHackMe Free Account * Solid basic knowledge about Linux and the command line interface (CLI) (navigating through the filesystem, executing programs, man pages, basic cli tools (cd, mkdir, ls etc.) * Search engine of your choice * Kali Linux via: * as virtual machine (recommendation) OR * Kali Linux Live System via Flash drive OR * Installed directly on your laptop ### Linklist * TryHackMe Registration * Kali Linux Virtual Machine Images * Kali Linux Live Boot Images ## How will the session work I will choose an unnamed challenge box in advance from THM. This challenge is suitable for beginners and includes a web and Linux part. Except for the challenge box pre-selection and the setup of the virtual machine (VM) based on Kali Linux, there are no preparations from my side. During the workshop we will try to find and exploit the vulnerabilities together. The idea would be that the workshop participants provide ideas how we can attack the box. I would then demonstrate suitable as well as unsuitable ideas live. In doing so, I will show you common tools and methods I use to approach such problems. Maybe we'll manage to successfully pwn the box together! Check out the Hacking Cheatsheet

Presenters:

  • Petar 'Hetti' Kosic
    Hetti is an IT Security Expert based in Vienna and part of the finest Viennese Hackspace [Metalab](https://metalab.at). During day he is breaking IT infrastructure for a living and at night he works on fun hacking projects and deals with state-of-the-art legacy infrastructure. He enjoys traveling to community based IT (Security) Conferences and Camps. You can also find him at the [Chaos Computer Club Vienna (C3W)](https://c3w.at) where he is mainly involved with [Chaos Macht Schule (CmS)](https://c3w.at/schule/). On some weekends he is hunting flags with the successful academic CTF Team [We_0wn_Y0u](https://w0y.at).

Links:

Similar Presentations: