Security Dojo

go down the rabbit hole...
it en

Laboratorio virtuale in casa - parte 3

2022-05-08 5 min read fud0

Dopo il primo articolo introduttivo e il secondo in cui abbiamo visto Proxmox, nella terza puntata di oggi vedremo la soluzione basata su VMware ESXi.

Procediamo con l’installazione utilizzando la seguente configurazione:

  • tastiera e mouse collegati (porte USB posteriori)
  • chiavetta USB con Ventoy (porta USB frontale)
  • cavo video HDMI
  • cavo di rete collegato alla porta Ethernet 2.5Gbps

PROBLEMA 1: Una volta avviato il setup dal menu di avvio ci troviamo in breve di fronte ad una schermata di errore dal titolo “No Network Adapters”.

VMware ESXi - Errore iniziale installazione

Continue reading

Ubiquiti NanoStation LocoM5 - Access point setup

2022-04-23 3 min read fud0

A little over a week ago, I got my hands on a Ubiquiti device, in particular the NanoStation LocoM5. A friend of mine recovered a couple, now disused, from the hotel where he works.

It is hardware now out of production, but that is more than fine if used as a temporary backup solution (access point). Powered by passive PoE, it works on a frequency band of 5 GHz.

First, we reset the device to restart it with the factory configurations. With a toothpick or a paper clip you simply hold down the reset button on the bottom of the LocoM5 for at least ten seconds. We will see the various LEDs light up and blinking.

Continue reading

Virtual Home Lab - part 2

2022-03-27 5 min read fud0

Here we are, albeit after some time, with the second article on how to create your own virtual home lab.

After an introductory and generic first article we will see today the solution based on ProxMox. In particular, the installation process together with a whole series of small tricks useful for solving various problems encountered.

We insert our USB hub with the mouse and keyboard connected on one of the front ports. On the other we connect the USB stick with Ventoy and the ProxMox ISO. Remember to connect the network cable to one of the interfaces. In our case we will use the 2.5Gbps one.
Let’s start the MinisForum H80 and press F7 so that we can choose the correct entry from the boot menu. ProxMox after the first initialization operations seems to get stuck on a similar screen:

Continue reading

Virtual Home Lab - part 1

2022-02-27 4 min read fud0

This is the first in a series of articles dedicated to creating a a virtual home lab using as hardware a mini-pc, in this case a MinisForum H80.

We will see the tests done with 2 software solutions for virtualization. On the one hand the “open source” one with Proxmox VE, on the other the “closed” one of VMWare ESXi.

This is the lineup of the series:

  • Part 1: introduction and overview of the HW and SW used
  • Part 2: solution using ProxMox
  • Part 3: solution using VMWare ESXi
  • Part 4: choice, considerations and conclusions
Continue reading

HackTheBox BountyHunter machine walkthrough

2022-02-08 5 min read fud0

This article will be dedicated to the walkthrough of the BountyHunter box (level easy) available in HackTheBox.

It is a machine now “retired”, from which I got the user and system flags some months ago (October 2021) when it was still active.

Initial disclaimer: do not consider these steps as 100% correct or the best one available. Pretty sure that it would have been possible to get the solution faster and with a different approach. That said, I think it’s important to see the tentatives and logic applied, besides the tools used. This is important when looking back at possible errors and ways to improve, especially when starting.

Continue reading

Bye bye Wordpress... Welcome Hugo!

2022-02-06 3 min read fud0

Finally, after a long time, I am back to post with a simple but important news. The dismiss of Wordpress for blogging and the migration towards something faster and simpler like Hugo. On the one hand the desire to abandon a framework perpetually “under attack”, on the other the desire to try something new. In fact, in recent months I have heard from more than someone about Hugo and its ease of use.
Mostly chosen by people like me, who likes to use often Markdown language to write their own documentation.

This blog will basically be a static site so I said to myself, why not choose it?

In the past few days, I have therefore started working on the transition. Not that I had written many articles, but I still had to “bring them” and do the due experiments with the chosen theme. A few small adjustments with the theme and here we are, “again” online.

Continue reading

Wmap Metasploit – How to fix 'database not connected' problem

2021-09-26 1 min read fud0

WMAP is a web application vulnerability scanner available as module within the Metasploit framework.

When attempting to use it, if Metasploit has not been configured to use the PostgreSQL database, you may encounter an error similar to the one shown in the screenshot below.

WMAP - Error while loading WMAP

In fact, it is possible to use Metasploit even without having a database configured, but is is certainly useful to do so. For example, if you want to keep the data of your searches or scan results.

However, in the case of the WMAP module this is a fundamental requirement.

Let’s see how to fix problem.

Continue reading
Older posts