会社がリモートワークになって1年が過ぎました

どうも、のみぞうと申します。私はとあるSaaSサービスの会社で日々ぬくぬくと働いています。夫はいますがオオアリクイに殺されてはいません（←意味がわからない人はこちら）

所属している会社がコロナの影響で原則フルリモートワーク（出社は必要な人のみ申請制）となってから、早くも1年が経過しました。

もともと引きこもりのインドア気質なので、可能ならこのまま一生出社したくないぜヒャッホウ！という気持ちですが。ステイホームという大義名分を得て、自分的にスペシャル快適な環境を手にするためにこの1年間で色々と変化があったので、変遷を辿りながらよかったモノとかコトを紹介してみます。

リモートワーク開始時点の環境
1年後（現在）の環境
机周りお気に入りグッズ
- モニター&モニターアーム
- キーボード：HHKB Professional HYBRID Type-S
- ワイヤレスノイズキャンセリングヘッドホン：WH-1000XM4
- WEBカメラ
- 自動昇降式デスク（脚だけ）：FLEXISPOT
- DellのUbuntuプリインストールのラップトップ
- その他小物たち
周辺のお気に入りグッズ
- ネスカフェドルチェグスト
- ルンバ
- バルミューダの電子レンジ
- WiFi対応体重計
やって良かったこと
- 英語コーチング
- よく寝る
- 毎日湯船に浸かる

2021-03-06

TryHackMe(THM): OWASP Top 10 -walkthrough 2/3

TryHackMe walkthrough Writeup

みんな大好きOWASPルームの続き

前の記事 nomizooon.hateblo.jp

Task 12 [Severity 4] XML External Entity
Task 13 [Severity 4 XML External Entity - eXtensible Markup Language
- Full form of XML
- Is it compulsory to have XML prolog in XML documents?
- Can we validate XML documents against a schema?
- How can we specify XML version and encoding in XML document?
Task 14 [Severity 4] XML External Entity - DTD
- How do you define a new ELEMENT?
- How do you define a ROOT element?
- How do you define a new ENTITY?
Task 15 [Severity 4] XML External Entity - XXE Payload
- Try the payload mentioned in description on the website.
Task 16 [Severity 4] XML External Entity - Exploiting
- Try to display your own name using any payload.
- See if you can read the /etc/passwd
- What is the name of the user in /etc/passwd
- Where is falcon's SSH key located?
- What are the first 18 characters for falcon's private key
Task 17 [Severity 5] Broken Access Control
Task 18 [Severity 5] Broken Access Control (IDOR Challenge)
- Read and understand how IDOR works.
- Deploy the machine and go to http://MACHINE_IP - Login with the username being noot and the password test1234.
- Look at other users notes. What is the flag?
Task 19 [Severity 6] Security Misconfiguration
- Deploy the VM
- Hack into the webapp, and find the flag!
Task 20 [Severity 7] Cross-site Scripting
- Deploy the VM
- Navigate to http://MACHINE_IP/ in your browser and click on the "Reflected XSS" tab on the navbar; craft a reflected XSS payload that will cause a popup saying "Hello".
- On the same reflective page, craft a reflected XSS payload that will cause a popup with your machines IP address.
- Then add a comment and see if you can insert some of your own HTML.
- On the same page, create an alert popup box appear on the page with your document cookies.
- Change "XSS Playground" to "I am a hacker" by adding a comment and using Javascript.

2021-02-23

TryHackMe(THM): OWASP Top 10 -walkthrough 1/3

TryHackMe walkthrough Writeup

実は来月あたりに徳丸試験の受験を予定しているので勉強も兼ねてこちらのRoom攻略

https://tryhackme.com/room/owasptop10tryhackme.com

そんなに難しくはないんだけどやたら長いので3回くらいに分けつつ、読めば終わるところも簡単に要約をつけてまとめまる方針でいきます。

Task 1 Introduction
Task 2 Accessing machines
Task 3 [Severity 1] Injection
Task 4 [Severity 1] OS Command Injection
Task 5 [Severity 1] Command Injection Practical
- What strange text file is in the website root directory?
- How many non-root/non-service/non-daemon users are there?
- What user is this app running as?
- What is the user's shell set as?
- What version of Ubuntu is running?
- Print out the MOTD. What favorite beverage is shown?
Task 6 [Severity 2] Broken Authentication
Task 7 [Severity 2] Broken Authentication Practical
- What is the flag that you found in darren's account?
- Now try to do the same trick and see if you can login as arthur.
- What is the flag that you found in arthur's account?
Task 8 [Severity 3] Sensitive Data Exposure (Introduction)
Task 9 [Severity 3] Sensitive Data Exposure (Supporting Material 1)
Task 10 [Severity 3] Sensitive Data Exposure (Supporting Material 2)
Task 11 [Severity 3] Sensitive Data Exposure (Challenge)
- What is the name of the mentioned directory?
- Navigate to the directory you found in question one. What file stands out as being likely to contain sensitive data?
- Use the supporting material to access the sensitive data. What is the password hash of the admin user?
- Crack the hash.What is the admin's plaintext password?
- Login as the admin. What is the flag?

2021-02-21

TryHackMe(THM): Linux: Local Enumeration -walkthrough

TryHackMe walkthrough Writeup

シェル獲得後どうしたらいいかわからない人（私です）のためのRoom

https://tryhackme.com/room/lletryhackme.com

Task 1 Introduction
- Method 1:Browse to cmd.php and add the following php payload to the input field.
- Method 2:Upload a reverse shell file below and execute it using the cmd.php
Task 2 Unit 1 - tty
- How would you execute /bin/bash with perl?
Task 3 Unit 1 - ssh
- Where can you usually find the id_rsa file? (User = user)
- Is there an id_rsa file on the box? (yay/nay)
Task 4 Unit 2 - Basic enumeration
- How would you print machine hardware name only?
- Where can you find bash history?
- What's the flag?
Task 5 Unit 3 - /etc
- Can you read /etc/passwd on the box? (yay/nay)
Task 6 Unit 4 - Find command and interesting files
- What's the password you found?
- Did you find a flag?
Task 7 Unit 4 - SUID
- Which SUID binary has a way to escalate your privileges on the box?
- What's the payload you can use to read /etc/shadow with this SUID?
Task 8 [Bonus] - Port Forwarding
- Try using those commands on your system!
Task 9 Unit 5 - Automating scripts
- スクリプトの設置
- スクリプト実行
Task 10 Resources and what's next?

2021-02-13

TryHackMe(THM): John The Ripper -walkthrough 2/2

TryHackMe walkthrough Writeup

皆大好きジョンさんとあそぼう。後編です。

↓前編

nomizooon.hateblo.jp

Task 6 Cracking /etc/shadow Hashes
- What is the root password?
Task 7 Single Crack Mode
Task 8 Custom Rules
- What do custom rules allow us to exploit?
- What rule would we use to add all capital letters to the end of the word?
- What flag would we use to call a custom rule called "THMRules"
Task 9 Cracking Password Protected Zip Files
- What is the password for the secure.zip file?
- What is the contents of the flag inside the zip file?
Task 10 Cracking Password Protected RAR Archives
- What is the contents of the flag inside the zip file?
Task 11 Cracking SSH Keys with John
Task 12 Further Reading