System Overlord

A blog about security engineering, research, and general hacking.

Certifications Aren't as Big a Deal as You Think

15 Mar 2019 in Security (Reading time: 10 minutes)

For some reason, security certifications get discussed a lot, particularly in forums catering to those newer to the industry. (See, for example, /r/asknetsec.) Now I’m not talking about business certifications (ISO, etc.) but personal certifications that allegedly demonstrate some kind of skill on behalf of the individual. There seems to be a lot of focus on certifications that you “need” or that will land you your dream security job.

I’m going to make the claim that you should stop worrying about certifications and instead spend your time learning things that will help you in the real world – or better yet, actually applying your skills in the real world. There are likely some people who will strongly disagree with me, and that’s good, but I want it to be a discussion that people think about, instead of just assuming certifications are some kind of magic wand.

Read More...

Running the BSides SF 2019 CTF

10 Mar 2019 in Security (Reading time: 1 minute)

I’ve just written a post for the BSidesSF blog about running the BSidesSF 2019 CTF. Check it out and feel free to get in touch if you have feedback.

BSides SF CTF Author Writeup: Flagsrv

08 Mar 2019 in Security (Reading time: 4 minutes)

Flagsrv was a 300 point web challenge in this year’s BSidesSF CTF. The description was a simple one:

We’ve built a service for the sole purpose of serving up flags!

The account you want is named ‘flag’.

Read More...

BSides SF CTF Author Writeup: Cloud2Clown

07 Mar 2019 in Security (Reading time: 5 minutes)

The Challenge

Sometimes you see marketing materials that use the word cloud to the point that it starts to lose all meaning. This service allows you to fix that with clowns instead of clouds. Note: there are 2 flags, they should be clearly labeled.

Read More...

Understanding Shellcode: The Reverse Shell

30 Oct 2018 in Security (Reading time: 12 minutes)

A recent conversation with a coworker inspired me to start putting together a series of blog posts to examine what it is that shellcode does. In the first installment, I’ll dissect the basic reverse shell.

First, a couple of reminders: shellcode is the machine code that is injected into the flow of a program as the result of an exploit. It generally must be position independent as you can’t usually control where it will be loaded in memory. A reverse shell initiates a TCP connection from the compromised host back to a host under the control of the attacker. It then launches a shell with which the attacker can interact.

Read More...