Level: low tech and technical

Workshop:

Working together to master a Box Challenge. Learn and apply tools, tactics and procedures in analyzing a vulnerable box.

An unrecorded workshop session in which we solve an interactive TryHackMe (THM) Challenge together.

The goal is to have a joint hacking session in which you will learn something as well as be able to put what you have learned into practice. You should actively participate in the workshop.

▽▽▽▽▽▽▽▽▽▽Requirements▽▽▽▽▽▽▽▽▽▽

• Own laptop
• Basic knowledge about Linux CLI/command line (handling of basic commands (cd, ls, mkdir, etc..))
• Search engine of your choice
• Kali Linux virtual machine (recommendation) or installed directly on your laptop
• TryHackMe Free Account

▽Procedure of the session:▽

I will choose an unnamed challenge box in advance from THM. This challenge is suitable for beginners and should be a web challenge which potentially ends with a Linux part. Except for the Challenge Box pre-selection and the setup of the Virtual Machine (VM) based on Kali Linux, there are no preparations from my side.
During the workshop we will try to find and exploit the vulnerabilities together. The idea would be that the workshop participants provide ideas how we can attack the box. I would then demonstrate suitable as well as unsuitable ideas live. In doing so, I will show you common tools and methods I use to approach such problems.

Maybe we’ll manage to successfully pwn the box together!

Bio:
Petar ‘Hetti’ Kosic is an IT security expert from Vienna and part of the finest Viennese hackspace Metalab. In his spare time he loves to go to community-based IT (security) conferences and camps, where he also gives talks about various (IT Sec) topics. You can also find him at the Chaos Computer Club Vienna (C3W) and on some weekends he is flag hunting with the successful academic CTF team We_0wn_Y0u.