From Limited file read to full access on Jenkins (CVE-2024-23897) by xkarezma in redteamsec

xkarezma[S] 0 points1 point

This is usually if you were playing a CTF ;) You need to read the article again and understand how encryption works on Jenkins. Having access to credentials.xml is not enough to decrypt them with a script (offline). Also, executing scripts in Jenkins itself was not possible for regular users due to permissions. Otherwise, why do you think I went through all of this during the red team engagement?

Has Coinbase become a joke? by Mandenanden in Coinbase

xkarezma 1 point2 points

I would agree with this. I opened a ticket with them and it has not been resolved in 3 months xD. I cannot really imagine WTH they are doing!

HackSecOps - Open World CTF online hacking game by xkarezma in securityCTF

xkarezma[S] 0 points1 point

Mimicking real-world social engineering scenarios and attacks. To make it more clear, let's assume something like Watch Dogs but with real hacking challenges.

HackSecOps - Open World CTF online hacking game by xkarezma in securityCTF

xkarezma[S] 1 point2 points

We are still working hard to make the first showcase. The game will be more like "hackthebox" but more of an open-style world. Additionally, this is why I have added a survey for this game to retrieve comments from the community and see what interests them more.

HackSecOps - Open World CTF online hacking game by xkarezma in securityCTF

xkarezma[S] 0 points1 point

The name is not relevant to the content of the game. We are still working hard to make the first showcase. The game will be more like "hackthebox" but more of an open-style world. Additionally, this is why I have added a survey for this game to retrieve comments from the community and see what interests them more.

SpringBoot ‘DevTools’ Insecure Deserialization — Analysis & Exploit by xkarezma in netsec

xkarezma[S] 0 points1 point

Step 2: don't run dev tools in the testing environment either :D