Ben's ideas and projects
Security, Computer Networking, Photography, Electronics, and Technology
My OSCP Experience
My OSCP Experience
· β˜• 6 min read · ✍️ suidroot
What is the OSCP Offensive Security Certified Professional (OSCP) is an entry-level hands-on penetration testing certification. The OSCP is one of a few certifications by Offensive Security. It consists of the self-study Penetration Testing Training with Kali Linux (PwK) class and an online proctored practical exam. The course costs at minimum $800 USD and includes 30 days of lab access and one OSCP exam attempt. There are packages that include longer lab access and you can extend your lab access if you find you need longer to prepare.
Link: Exploring Key Features of Cisco ISE Release 2.6
Link: Exploring Key Features of Cisco ISE Release 2.6
· β˜• 1 min read · ✍️ suidroot
In July I wrote for the CDW blog about the new version of the Cisco Identity Services Engine (ISE) software. Exploring Key Features of Cisco ISE Release 2.6 The latest version of this cybersecurity tool offers unique device identification and an IoT protocol.
DIGOO DG-HOSA - Part 1 (Teardown and Hardware)
DIGOO DG-HOSA - Part 1 (Teardown and Hardware)
· β˜• 4 min read · ✍️ suidroot
This project started with the idea of purchasing a cheap security system off one of the Chinese stores. After a little hunting, I found Digoo DG HOSA 433MHz 2G&GSM&WIFI Smart Home Security Alarm System Protective Shell Alert with APP which looked interesting so picked one up to tear apart. I was curious about how various communication methods were implemented. This is the first part of this adventure the next part will be exploring the firmware of the device.
OpenSky Radio Trunking System
OpenSky Radio Trunking System
· β˜• 3 min read
OpenSky is a proprietary trunking radio that is designed to carry both voice and data traffic. the protocol is marketed as to be secure and private. Opensky operates on the 700, 800, and 900 MHz bands. OpenSky was originally developed by M/A-Com as part of the Monarch wireless voice and data system for FedEx in the 90s. Later M/A Com was purchased by Tyco Electronics who was then purchased by Harris RF Communications.
Link: Enhancing Password Security Through Memorized Secrets
Link: Enhancing Password Security Through Memorized Secrets
· β˜• 1 min read · ✍️ suidroot
In March I posted the following article on CDW blog Enhancing Password Security Through Memorized Secrets Revisiting NIST recommendations provides some essential techniques for protecting your organization’s accounts
BSidesNH 2019 Recap
BSidesNH 2019 Recap
· β˜• 2 min read · ✍️ suidroot
Back on May 18th, I attended the inaugural BsidesNH event. It was a fantastic one-day event. The day started pretty early for me driving down from Maine arriving at Southern NH University. I arrived to pick up the fantastic badge made out of an old 3.5β€³ disk. After grabbing some coffee and a snack I settled into the auditorium and for a day of great talks. There were a few that stood out to me from the day that I will talk about.
Hashcat in AWS EC2
Hashcat in AWS EC2
· β˜• 8 min read · ✍️ suidroot
Intro During my OSCP studies, I realized I needed a more efficient system for cracking password hashes. The screaming CPU fans and high CPU usage became a problem. I first tried using hashcat and the GPU on my MacBook Pro in OS X. There are some bugs and problems with hashcat on OS X that would make it crash in the middle of cracking a hash. Also, I was not interested in investing a server with a bunch of GPUs, the high costs to do this would outweigh the amount of time I need the system.
OSCP Notes
· β˜• 1 min read · ✍️ Ben Mason
Topic Index Note: This material is based on the First revision of the OSCP and does not cover topics in the new version (v2?) OSCP Notes – Buffer Overflows OSCP Notes – Enumeration OSCP Notes – Metasploit OSCP Notes – Password attacks OSCP Notes – Pivoting OSCP Notes – Shell and Linux / UNIX OSCP Notes – Web Exploitation OSCP Notes – Windows Student Notes and Guides OSCP Goldmine (not clickbait) | 0xc0ffeeβ˜• My OSCP Diary – Week 1 – Threat Week GitHub – areyou1or0/OSCP: OSCP abatchy’s blog | How to prepare for PWK/OSCP, a noob-friendly guide Thunderson’s Journey To The OSCP Passing OSCP – scund00r Introduction Β· Total OSCP Guide Introduction Β· OSCP – Useful Resources The Journey to Try Harder: TJnull’s Preparation Guide for PWK/OSCP | NetSec Focus Thoughts on OSCP certification and the exam!
How to set up a Meraki API Test environment
How to set up a Meraki API Test environment
· β˜• 5 min read · ✍️ suidroot
I needed to set up and Meraki API key to test, well an Meraki API that was in beta. This is the process I used to get started with some of the basics of the Meraki API and getting a test environment up and running. There are lots of great references covering the basics of REST APIs like the REST API Tutorial. These resources will do a much better job then I can of explaining REST APIs.
March 2019 NX-OS Vulnerability Dump
· β˜• 3 min read · ✍️ suidroot
On March 6th Cisco released 29 high and medium rated PSIRT notices for NX-OS based platforms. These platforms include the Cisco Nexus 3000 – 9000 series and Nexus adjacent platforms FX-OS and UCS Fabric Interconnect platforms. Not all advisories affect all platforms but all platforms are affected by at least one high rated vulnerability. The vulnerabilities range from command and code execution, privilege escalation, denial of service, and arbitrary file read vulnerabilities.
My Notes
· β˜• 1 min read · ✍️ Ben Mason
This is a collection of notes from my notebook I’ve made for various language, applications and whatever else I am doing. The notes are informal, random and not comprehensive. AVR Development C Notes gdb notes git / GitHub notes Pointers in C / C++ Radare2 Cheatsheet STM32 Development Notes Strings in C tmux Notes VI Notes
Small Projects: Temperature, Humidity and Light Sensor
· β˜• 1 min read · ✍️ suidroot
This post is some free-ish form notes about a project that is either work in progress or complete. Description This project is a small sensor to monitor Temperature, Humidity, and Light levels. The project may end up in a toy Star Trek TNG Tricorder case at some point in the future, but I wanted to document where it is at a today. Originally I used an Adafruit Huzzah (ESP12) board, but after I determined I wasn’t going to use the wifi, I switched to the Adafruit Adalogger board.