<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
	<channel>
		<title>Blog</title>
		<link>https://joshuachp.dev/</link>
		<description>Recent content on Blog</description>
		<generator>Hugo</generator>
		<language>en</language>
		
		
		
		
			<atom:link href="https://joshuachp.dev/index.xml" rel="self" type="application/rss+xml" />
			<item>
				<title>Axum Server</title>
				<link>https://joshuachp.dev/posts/2022-12-02_axum_server/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2022-12-02_axum_server/</guid>
				<description>&lt;h1 id=&#34;axum-server&#34;&gt;Axum Server&lt;/h1&gt;&#xA;&lt;p&gt;Install required dependencies&lt;/p&gt;&#xA;&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-bash&#34; data-lang=&#34;bash&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;cargo add axum&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;cargo add hyper --features&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;full&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;cargo add tokio --features&lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt;full&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;cargo add toker&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;Lets create a new function that will return the &lt;code&gt;axum::routing::Router&lt;/code&gt;. This will be the core of&#xA;our server.&lt;/p&gt;&#xA;&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-rust&#34; data-lang=&#34;rust&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#75715e&#34;&gt;// src/main.rs&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#66d9ef&#34;&gt;fn&lt;/span&gt; &lt;span style=&#34;color:#a6e22e&#34;&gt;app&lt;/span&gt;() -&amp;gt; &lt;span style=&#34;color:#a6e22e&#34;&gt;Router&lt;/span&gt; {&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;    Router::new().route(&lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;/&amp;#34;&lt;/span&gt;, get(&lt;span style=&#34;color:#f92672&#34;&gt;||&lt;/span&gt; &lt;span style=&#34;color:#66d9ef&#34;&gt;async&lt;/span&gt; { &lt;span style=&#34;color:#e6db74&#34;&gt;&amp;#34;Hello, World!&amp;#34;&lt;/span&gt; }))&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;}&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;Creating a function that returns the &lt;code&gt;Router&lt;/code&gt; will help us later to test our application.&lt;/p&gt;&#xA;&lt;p&gt;Add the tokio config to the main function.&lt;/p&gt;</description>
			</item>
			<item>
				<title>Axum sqlx database</title>
				<link>https://joshuachp.dev/posts/2022-12-10_axum_sqlx_database/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2022-12-10_axum_sqlx_database/</guid>
				<description>&lt;h1 id=&#34;axum-sqlx-database&#34;&gt;Axum sqlx database&lt;/h1&gt;&#xA;&lt;ul&gt;&#xA;&lt;li&gt;Install the dependencies:&#xA;&lt;code&gt;cargo add sqlx --features=runtime-tokio-native-tls,sqlite,macros,offline&lt;/code&gt;&#xA;&lt;ul&gt;&#xA;&lt;li&gt;use tokio since axum is based on it&lt;/li&gt;&#xA;&lt;li&gt;native TLS openssl but is the same as rust-ls&lt;/li&gt;&#xA;&lt;li&gt;sqlite as the database engine&lt;/li&gt;&#xA;&lt;li&gt;macros for type safe queries&lt;/li&gt;&#xA;&lt;li&gt;offline mode for CI and test&lt;/li&gt;&#xA;&lt;li&gt;&lt;code&gt;chrono&lt;/code&gt; &lt;em&gt;(optional)&lt;/em&gt; for dates and times&lt;/li&gt;&#xA;&lt;/ul&gt;&#xA;&lt;/li&gt;&#xA;&lt;li&gt;Install &lt;code&gt;sqlx-cli&lt;/code&gt; for migrations, through &lt;code&gt;nix&lt;/code&gt; or &lt;code&gt;cargo install&lt;/code&gt;&lt;/li&gt;&#xA;&lt;li&gt;Sqlite connection option:&#xA;&lt;ul&gt;&#xA;&lt;li&gt;see the series &lt;a href=&#34;https://fly.io/blog/sqlite-internals-wal/&#34;&gt;fly.io - sqlite internals wall&lt;/a&gt;&lt;/li&gt;&#xA;&lt;li&gt;&lt;code&gt;journal_mode=wall&lt;/code&gt;&lt;/li&gt;&#xA;&lt;/ul&gt;&#xA;&lt;/li&gt;&#xA;&lt;/ul&gt;&#xA;&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-rust&#34; data-lang=&#34;rust&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#66d9ef&#34;&gt;let&lt;/span&gt; options &lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt; SqliteConnectOptions::from_str(db_url)&lt;span style=&#34;color:#f92672&#34;&gt;?&lt;/span&gt;&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;    .journal_mode(SqliteJournalMode::Wal);&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#66d9ef&#34;&gt;let&lt;/span&gt; pool &lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt; SqlitePool::connect_with(options).&lt;span style=&#34;color:#66d9ef&#34;&gt;await&lt;/span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;?&lt;/span&gt;;&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;ul&gt;&#xA;&lt;li&gt;add it to the state of the application, pool is a value wrapped in an &lt;code&gt;Arc&lt;/code&gt; so it&amp;rsquo;s safe to clone&#xA;if needed and pass between threads.&lt;/li&gt;&#xA;&lt;/ul&gt;&#xA;&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-rust&#34; data-lang=&#34;rust&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#66d9ef&#34;&gt;let&lt;/span&gt; app &lt;span style=&#34;color:#f92672&#34;&gt;=&lt;/span&gt; app().with_state(State(pool));&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;</description>
			</item>
			<item>
				<title>CORS Laravel</title>
				<link>https://joshuachp.dev/posts/2019-10-02_cors_laravel/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2019-10-02_cors_laravel/</guid>
				<description>&lt;h1 id=&#34;cors-laravel&#34;&gt;CORS Laravel&lt;/h1&gt;&#xA;&lt;p&gt;I want to talk about the problems that I have encountered setting up CORS between a Laravel backend&#xA;server and a simple Html frontend hosted on a different domain, using the fetch API.&lt;/p&gt;&#xA;&lt;h2 id=&#34;what-is-cors&#34;&gt;What is CORS&lt;/h2&gt;&#xA;&lt;blockquote&gt;&#xA;&lt;p&gt;&lt;strong&gt;Cross-Origin Resource Sharing (CORS)&lt;/strong&gt; is a mechanism that uses HTTP headers to tell browsers to&#xA;give a web application running at one origin, access to selected resources from a different&#xA;origin. A web application executes a cross-origin HTTP request when it requests a resource that&#xA;has a different origin (domain, protocol, or port) from its own.&lt;/p&gt;</description>
			</item>
			<item>
				<title>CyberChallengeIT CTF - Group Challenge</title>
				<link>https://joshuachp.dev/posts/2020-01-06_cyber_challenge/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2020-01-06_cyber_challenge/</guid>
				<description>&lt;h1 id=&#34;cyberchallengeit-ctf---group-challenge&#34;&gt;CyberChallengeIT CTF - Group Challenge&lt;/h1&gt;&#xA;&lt;p&gt;During the last week of preparation for che Cyber Challenge IT CTF, we were asked to do a CTF&#xA;challenge our self. We were divided in groups and given a month to come up with a challenge.&lt;/p&gt;&#xA;&lt;p&gt;Our group create an easy and guided challenge, since we were required to solve it in one hour. It&#xA;will cover some basic aspect of all the kind of challenges types like Web Security, Reversing,&#xA;Forensics, Cryptography.&lt;/p&gt;</description>
			</item>
			<item>
				<title>GoatCounter Analytics for NextJS</title>
				<link>https://joshuachp.dev/posts/2023-02-28_goatcounter_analytics/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2023-02-28_goatcounter_analytics/</guid>
				<description>&lt;h1 id=&#34;goatcounter-analytics-for-nextjs&#34;&gt;GoatCounter Analytics for NextJS&lt;/h1&gt;&#xA;&lt;p&gt;GoatCounter Analytics is a privacy-friendly web analytics tool perfect for small websites like&#xA;blogs. It is free and open source, and it also has a self hosted option.&lt;/p&gt;&#xA;&lt;p&gt;I started using it in this blog, to see how a better understanding the traffic, while still being&#xA;privacy-friendly. Before, I was using the panel provided by Cloudflare, which is also a good option.&#xA;But it didn&amp;rsquo;t provide me with enough information like the number of page views per page or article&#xA;or the &lt;a href=&#34;https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referer&#34;&gt;Referrer&lt;/a&gt; information.&lt;/p&gt;</description>
			</item>
			<item>
				<title>GPG Key Rotation</title>
				<link>https://joshuachp.dev/posts/2023-02-10_gpg_key_rotation/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2023-02-10_gpg_key_rotation/</guid>
				<description>&lt;h1 id=&#34;gpg-key-rotation&#34;&gt;GPG Key Rotation&lt;/h1&gt;&#xA;&lt;p&gt;GPG, or Gnu Privacy Guard, is a widely-used cryptography tool for secure communication, digital&#xA;signatures, and file encryption. GPG key rotation is the process of changing your primary GPG key,&#xA;either for security reasons or for changing the encryption algorithm used in your key.&lt;/p&gt;&#xA;&lt;p&gt;In this article, we will go through the steps of GPG key rotation, from generating a new key to&#xA;updating your configuration files and services.&lt;/p&gt;</description>
			</item>
			<item>
				<title>Reply Challenge 2020 - That&#39;s what server says</title>
				<link>https://joshuachp.dev/posts/2020-10-10_reply_challenges_2020_that_is_what_server_says/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2020-10-10_reply_challenges_2020_that_is_what_server_says/</guid>
				<description>&lt;h1 id=&#34;reply-challenge-2020---thats-what-server-says&#34;&gt;Reply Challenge 2020 - That&amp;rsquo;s what server says&lt;/h1&gt;&#xA;&lt;p&gt;This is the Writeup for the 300 points Web challenge for Reply Challenge CTF. During the CTF I and&#xA;my team achieved first blood on this challenge. The challenge consists of finding a service endpoint&#xA;on a web page, with a login API. Then you have to exploit an &lt;strong&gt;XXE&lt;/strong&gt; (XML External Entities)&#xA;Injection to get an &lt;strong&gt;LFI&lt;/strong&gt; (Local File Inclusion) to get the sysadmin credentials to login on the&#xA;service and get the flag.&lt;/p&gt;</description>
			</item>
			<item>
				<title>Systemd Units</title>
				<link>https://joshuachp.dev/posts/2023-03-28_systemd_units/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2023-03-28_systemd_units/</guid>
				<description>&lt;h1 id=&#34;systemd-units&#34;&gt;Systemd Units&lt;/h1&gt;&#xA;&lt;p&gt;Systemd is a system and service manager for Linux. It is the default init system for a lot of&#xA;distros and is awesome to manage services, sockets, timers, (and much more but we don&amp;rsquo;t talk about&#xA;that).&lt;/p&gt;&#xA;&lt;h2 id=&#34;what-is-a-unit&#34;&gt;What is a unit?&lt;/h2&gt;&#xA;&lt;p&gt;A unit is a configuration file that describes a process or a group of processes. It configures how&#xA;the process should be started, stopped, restarted, and so on. It declares the dependencies between&#xA;units and the order in which they should be started. It can also configure the resources that the&#xA;process requires, such as the amount of memory or the number of open files.&lt;/p&gt;</description>
			</item>
			<item>
				<title>TryHackMe - Blue</title>
				<link>https://joshuachp.dev/posts/2020-09-03_tryhackme_blue/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2020-09-03_tryhackme_blue/</guid>
				<description>&lt;h1 id=&#34;tryhackme---blue&#34;&gt;TryHackMe - Blue&lt;/h1&gt;&#xA;&lt;blockquote&gt;&#xA;&lt;p&gt;The room link can be found at &lt;a href=&#34;https://tryhackme.com/room/blue&#34;&gt;TryHackMe - Blue&lt;/a&gt;&lt;/p&gt;&#xA;&lt;/blockquote&gt;&#xA;&lt;p&gt;For this room, I will be using the Metasploit framework.&lt;/p&gt;&#xA;&lt;h2 id=&#34;recon&#34;&gt;Recon&lt;/h2&gt;&#xA;&lt;p&gt;We begin with a Nmap of the box to see the services and get their version.&lt;/p&gt;&#xA;&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-bash&#34; data-lang=&#34;bash&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;msf5 &amp;gt; db_nmap -sC -sV 10.10.47.219&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;Now we can see all the running services with the &lt;code&gt;services&lt;/code&gt; command.&lt;/p&gt;&#xA;&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-bash&#34; data-lang=&#34;bash&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;msf5 &amp;gt; services&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;Services&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;========&lt;/span&gt;&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;host           port   proto  name               state  info&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;----           ----   -----  ----               -----  ----&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;10.10.47.219   &lt;span style=&#34;color:#ae81ff&#34;&gt;135&lt;/span&gt;    tcp    msrpc              open   Microsoft Windows RPC&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;10.10.47.219   &lt;span style=&#34;color:#ae81ff&#34;&gt;139&lt;/span&gt;    tcp    netbios-ssn        open   Microsoft Windows netbios-ssn&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;10.10.47.219   &lt;span style=&#34;color:#ae81ff&#34;&gt;445&lt;/span&gt;    tcp    microsoft-ds       open   Windows &lt;span style=&#34;color:#ae81ff&#34;&gt;7&lt;/span&gt; Professional &lt;span style=&#34;color:#ae81ff&#34;&gt;7601&lt;/span&gt; Service Pack &lt;span style=&#34;color:#ae81ff&#34;&gt;1&lt;/span&gt; microsoft-ds workgroup: WORKGROUP&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;10.10.47.219   &lt;span style=&#34;color:#ae81ff&#34;&gt;3389&lt;/span&gt;   tcp    ssl/ms-wbt-server  open&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;10.10.47.219   &lt;span style=&#34;color:#ae81ff&#34;&gt;49152&lt;/span&gt;  tcp    msrpc              open   Microsoft Windows RPC&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;10.10.47.219   &lt;span style=&#34;color:#ae81ff&#34;&gt;49153&lt;/span&gt;  tcp    msrpc              open   Microsoft Windows RPC&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;10.10.47.219   &lt;span style=&#34;color:#ae81ff&#34;&gt;49154&lt;/span&gt;  tcp    msrpc              open   Microsoft Windows RPC&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;10.10.47.219   &lt;span style=&#34;color:#ae81ff&#34;&gt;49158&lt;/span&gt;  tcp    msrpc              open   Microsoft Windows RPC&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;10.10.47.219   &lt;span style=&#34;color:#ae81ff&#34;&gt;49160&lt;/span&gt;  tcp    msrpc              open   Microsoft Windows RPC&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;On this machine, we will focus on the &lt;strong&gt;SMB&lt;/strong&gt; service which is on port &lt;code&gt;445&lt;/code&gt;.&lt;/p&gt;&#xA;&lt;p&gt;We can gather more information using the module &lt;code&gt;auxiliary/scanner/smb/smb_version&lt;/code&gt;. Running it the&#xA;services page will lock more like this.&lt;/p&gt;&#xA;&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-bash&#34; data-lang=&#34;bash&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;10.10.47.219  &lt;span style=&#34;color:#ae81ff&#34;&gt;445&lt;/span&gt;    tcp    smb                open   Windows &lt;span style=&#34;color:#ae81ff&#34;&gt;7&lt;/span&gt; Professional SP1 &lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;build:7601&lt;span style=&#34;color:#f92672&#34;&gt;)&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;name:JON-PC&lt;span style=&#34;color:#f92672&#34;&gt;)&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;workgroup:WORKGROUP &lt;span style=&#34;color:#f92672&#34;&gt;)&lt;/span&gt; &lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;signatures:optional&lt;span style=&#34;color:#f92672&#34;&gt;)&lt;/span&gt;&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;Also we run &lt;code&gt;auxiliary/scanner/smb/smb1&lt;/code&gt; to check if the box has support for SMBv1.&lt;/p&gt;&#xA;&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-bash&#34; data-lang=&#34;bash&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;msf5 auxiliary&lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;scanner/smb/smb1&lt;span style=&#34;color:#f92672&#34;&gt;)&lt;/span&gt; &amp;gt; run&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;[&lt;/span&gt;+&lt;span style=&#34;color:#f92672&#34;&gt;]&lt;/span&gt; 10.10.47.219:445      - 10.10.47.219 supports SMBv1 dialect.&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;[&lt;/span&gt;*&lt;span style=&#34;color:#f92672&#34;&gt;]&lt;/span&gt; 10.10.47.219:445      - Scanned &lt;span style=&#34;color:#ae81ff&#34;&gt;1&lt;/span&gt; of &lt;span style=&#34;color:#ae81ff&#34;&gt;1&lt;/span&gt; hosts &lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;100% complete&lt;span style=&#34;color:#f92672&#34;&gt;)&lt;/span&gt;&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;[&lt;/span&gt;*&lt;span style=&#34;color:#f92672&#34;&gt;]&lt;/span&gt; Auxiliary module execution completed&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;As the machine name implies the box could be exploitable via &lt;strong&gt;EternalBlue&lt;/strong&gt;. Since the machine has&#xA;&lt;strong&gt;Windows 7&lt;/strong&gt; installed and &lt;strong&gt;SMBv1&lt;/strong&gt; enabled, it is most likely vulnerable. You can read more here&#xA;&lt;a href=&#34;https://docs.microsoft.com/en-us/security-updates/SecurityBulletins/2017/ms17-010&#34;&gt;Microsoft - EternalBlue&lt;/a&gt;.&lt;/p&gt;&#xA;&lt;p&gt;We can check if the machine is vulnerable by running the module&#xA;&lt;code&gt;auxiliary/scanner/smb/smb_ms17_010&lt;/code&gt;.&lt;/p&gt;&#xA;&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-bash&#34; data-lang=&#34;bash&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;msf5 auxiliary&lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;scanner/smb/smb_ms17_010&lt;span style=&#34;color:#f92672&#34;&gt;)&lt;/span&gt; &amp;gt; run&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;[&lt;/span&gt;+&lt;span style=&#34;color:#f92672&#34;&gt;]&lt;/span&gt; 10.10.47.219:445      - Host is likely VULNERABLE to MS17-010! - Windows &lt;span style=&#34;color:#ae81ff&#34;&gt;7&lt;/span&gt; Professional &lt;span style=&#34;color:#ae81ff&#34;&gt;7601&lt;/span&gt; Service Pack &lt;span style=&#34;color:#ae81ff&#34;&gt;1&lt;/span&gt; x64 &lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;64-bit&lt;span style=&#34;color:#f92672&#34;&gt;)&lt;/span&gt;&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;[&lt;/span&gt;*&lt;span style=&#34;color:#f92672&#34;&gt;]&lt;/span&gt; 10.10.47.219:445      - Scanned &lt;span style=&#34;color:#ae81ff&#34;&gt;1&lt;/span&gt; of &lt;span style=&#34;color:#ae81ff&#34;&gt;1&lt;/span&gt; hosts &lt;span style=&#34;color:#f92672&#34;&gt;(&lt;/span&gt;100% complete&lt;span style=&#34;color:#f92672&#34;&gt;)&lt;/span&gt;&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;&lt;span style=&#34;color:#f92672&#34;&gt;[&lt;/span&gt;*&lt;span style=&#34;color:#f92672&#34;&gt;]&lt;/span&gt; Auxiliary module execution completed&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;</description>
			</item>
			<item>
				<title>TryHackMe - Easy Peasy</title>
				<link>https://joshuachp.dev/posts/2020-08-06_tryhackme_easy_peasy/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2020-08-06_tryhackme_easy_peasy/</guid>
				<description>&lt;h1 id=&#34;tryhackme---easy-peasy&#34;&gt;TryHackMe - Easy Peasy&lt;/h1&gt;&#xA;&lt;blockquote&gt;&#xA;&lt;p&gt;The room link can be found at &lt;a href=&#34;https://tryhackme.com/room/easypeasyctf&#34;&gt;TryHackMe - Easy Peasy&lt;/a&gt;&lt;/p&gt;&#xA;&lt;/blockquote&gt;&#xA;&lt;h2 id=&#34;enumeration&#34;&gt;Enumeration&lt;/h2&gt;&#xA;&lt;p&gt;First we scan for open ports and services&lt;/p&gt;&#xA;&lt;h3 id=&#34;nmap&#34;&gt;Nmap&lt;/h3&gt;&#xA;&lt;p&gt;We use nmap with some default arguments.&lt;/p&gt;&#xA;&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-bash&#34; data-lang=&#34;bash&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;sudo nmap -sV -sC -oA nmap/first $IP&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;It will return.&lt;/p&gt;&#xA;&lt;pre tabindex=&#34;0&#34;&gt;&lt;code&gt;PORT   STATE SERVICE VERSION&#xA;80/tcp open  http    nginx 1.16.1&#xA;| http-robots.txt: 1 disallowed entry&#xA;|_/&#xA;|_http-server-header: nginx/1.16.1&#xA;|_http-title: Welcome to nginx!&#xA;&lt;/code&gt;&lt;/pre&gt;&lt;p&gt;From the first scan we can see that port &lt;code&gt;80&lt;/code&gt; is open with &lt;strong&gt;nginx&lt;/strong&gt; version &lt;code&gt;1.16.1&lt;/code&gt;&lt;/p&gt;</description>
			</item>
			<item>
				<title>TryHackMe - Vulnversity</title>
				<link>https://joshuachp.dev/posts/2020-09-02_tryhackme_vulnversity/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2020-09-02_tryhackme_vulnversity/</guid>
				<description>&lt;h1 id=&#34;tryhackme---vulnversity&#34;&gt;TryHackMe - Vulnversity&lt;/h1&gt;&#xA;&lt;blockquote&gt;&#xA;&lt;p&gt;The room link can be found at &lt;a href=&#34;https://tryhackme.com/room/vulnversity&#34;&gt;TryHackMe - Vulnversity&lt;/a&gt;&lt;/p&gt;&#xA;&lt;/blockquote&gt;&#xA;&lt;h2 id=&#34;reconnaissance&#34;&gt;Reconnaissance&lt;/h2&gt;&#xA;&lt;h3 id=&#34;nmap&#34;&gt;Nmap&lt;/h3&gt;&#xA;&lt;p&gt;First, we do a simple Nmap scan&lt;/p&gt;&#xA;&lt;div class=&#34;highlight&#34;&gt;&lt;pre tabindex=&#34;0&#34; style=&#34;color:#f8f8f2;background-color:#272822;-moz-tab-size:4;-o-tab-size:4;tab-size:4;-webkit-text-size-adjust:none;&#34;&gt;&lt;code class=&#34;language-sh&#34; data-lang=&#34;sh&#34;&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;nmap $IP&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;PORT     STATE SERVICE&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;21/tcp   open  ftp&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;22/tcp   open  ssh&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;139/tcp  open  netbios-ssn&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;445/tcp  open  microsoft-ds&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;3128/tcp open  squid-http&#xA;&lt;/span&gt;&lt;/span&gt;&lt;span style=&#34;display:flex;&#34;&gt;&lt;span&gt;3333/tcp open  dec-notes&#xA;&lt;/span&gt;&lt;/span&gt;&lt;/code&gt;&lt;/pre&gt;&lt;/div&gt;&lt;p&gt;We find six ports open, we can now make a more in-depth scan with &lt;code&gt;nmap -sC -sV $IP&lt;/code&gt;. It will found&#xA;the service type and version.&lt;/p&gt;</description>
			</item>
			<item>
				<title>ZSH configuration</title>
				<link>https://joshuachp.dev/posts/2022-06-19_zsh_configuration/</link>
				<pubDate>Mon, 01 Jan 0001 00:00:00 +0000</pubDate>
				<guid>https://joshuachp.dev/posts/2022-06-19_zsh_configuration/</guid>
				<description>&lt;h1 id=&#34;zsh-configuration&#34;&gt;ZSH configuration&lt;/h1&gt;&#xA;&lt;p&gt;I wanted to reconfigure the my zsh setup.&lt;/p&gt;&#xA;&lt;p&gt;Before, I was using &lt;a href=&#34;https://ohmyz.sh/&#34;&gt;Oh My ZSH&lt;/a&gt;. Which is a wonderful configuration framework for&#xA;&lt;code&gt;zsh&lt;/code&gt;.&lt;/p&gt;&#xA;&lt;p&gt;The problem I had was not using the feature that it provided. I was only using the base&#xA;configuration and two plugins: &lt;code&gt;git&lt;/code&gt; and &lt;code&gt;sudo&lt;/code&gt;. Also, I didn&amp;rsquo;t use any theme since I prefer the&#xA;&lt;a href=&#34;https://starship.rs/&#34;&gt;starship&lt;/a&gt; prompt.&lt;/p&gt;&#xA;&lt;p&gt;I wanted to strip down the configuration and remove this dependency. So I looked at the &lt;code&gt;omz&lt;/code&gt;&#xA;configurations and &lt;code&gt;man zsh(1)&lt;/code&gt; to came up with the following configuration. Another source was the&#xA;&lt;a href=&#34;https://github.com/sorin-ionescu/prezto/&#34;&gt;prezto&lt;/a&gt; framework, that you could look at for an&#xA;alternative to &lt;code&gt;omz&lt;/code&gt;.&lt;/p&gt;</description>
			</item>
	</channel>
</rss>
