ITPro.tv CEH v10 course

My work has a partnership with Skillport which includes lots of different books, videos and other courses you can take for free. One of the things that I’ve been grinding is the CEHv10 course from ITPro.tv. I finished it last night. They structure their videos into a section or two of vocab and explaining and then a section with exercises, which is a good format to learn. I don’t know how many hours the course was, but I finished it in about 2 weeks, most of the time watching it at 1.25-2.0 times the speed.

I feel like I learned a lot of really cool things. I took notes more on the practical application of the CEH exam, which to me was the most interesting. The last few hours were cryptography and I feel like they beat that over and over again and a lot of it wasn’t new information. They just launched a CEH v10 AIO book, so that’ll probably be my next thing, but I do officially start school in 2 days so I might have to wait on that for a little bit.

Back to school

After a few conversations I’ve had over the last couple of weeks, I’ve decided that I’m going back to school to get a Masters Degree. I went to WGU for my Bachelors, so it was easy to go back to WGU. I’ve selected the Cybersecurity and Information Assurance degree and everything is set for me to start on May 1st.

I’ve had a call with my mentor who got to the point and filled me in on my next steps. I’ve been off and on about going back to school, but the thing that tipped me over the edge was a conversation I had with the Regional Leader of the ISC2 group. He is getting his MBA, and said something along the lines of ‘2 years will go by whether you get it or not’.

That made me think

If I had started 2 years ago, I could have had it – do I wish I would have done it?

Yes.

Ok then do it.

SSL certificates and Burp Suite

One of the requirements that I have for my work is to run vulnerability scans for our environment. For this specific requirement, I use Burp Suite to perform web scans. One issue that we’ve had since before I got here was that our SSL Certificates were not valid (even though they were). This was very frustrating, but we were able to explain to the people viewing them that they were actually valid so we got them to sign off on the scans.

I don’t have a link to the article, but we originally referenced an issue with Burp Suite that said that there was a bug regarding the validation of SSL Certificates. We would reference this when saying that there was a problem with the certificate chain. Without getting into too much detail, it was the worst offender in our report and even though it had a pass, we’d have to explain it to a new auditor and hope that he was able to understand why it was actually valid.

In scanning one of the development sites, it was discovered that one site didn’t have the issue with the SSL Certificate. So we compared it to the others, and it turns out that it was in the correct order. The root cert needed to be at the bottom (which I guess makes sense, but putting the root cert first also makes sense) and once we changed that in pre-prod the issue was gone. So we went into pre-prod and changed it to what the development environment was and it worked.

This had been an issue that persisted before I started here, and it was great to be a part of the solution.

picoCTF Recovering From the Snap

This one was fun. I hadn’t ever played around with recovering deleted files.

There used to be a bunch of animals here, what did Dr. Xernon do to them?

This level starts off with the file animals.dd.

A few things I checked on. It looks like this is a disk image. I mounted the image and there are 4 files, but nothing that would indicate a flag or anything.

initial cut at the file

I knew that .dd files were used in disk images, and a quick search led me to some software called ‘testdisk’.

Huh ok, let’s try ‘P’
This looks promising
arrowed down, then will press ‘c’

From here you select the directory you want to save the recovered file to.

This is the flag file

Pretty cool.