About C.Margraff

This author has not yet filled in any details.
So far C.Margraff has created 3 blog entries.

Hackthebox : write-up for the box “Writeup”

2019-11-02T17:39:40+01:00 August 9th, 2019|Categories: Write Up|

Enumeration

This is my first write-up and I chose to do it on the box "Writeup" because I think it's a fun box to start with. It's not a difficult box, and it's pretty straightforward. So let's start: First of all, we fire up nmap to see that there are only 2 ports open: 22 and 80. When we visit the webpage, there isn't much to see. Only a page saying that there is a DDOS protection and indeed, if we try to brute-force directories we get banned for a few minutes. At this point, I went [...]

Configure your first WAF with modsecurity

2019-05-19T21:31:45+01:00 May 15th, 2019|Categories: Tutorials|

Introduction

A Web Application Firewall (WAF) is useful for blocking requests that try to exploit vulnerabilities on your website. This is not 100% safe, but it is a good start to improve the security of your web server. We will see how to install and configure modsecurity on your web server with Apache. Modsecurity is a WAF module for Apache that allows you to apply rules to every request sent to your website. You can therefore block requests that try to access forbidden resources or inject malicious data into your website.

Installation

First, you need to install the module and activate it by copying [...]

How ad-blockers work ?

2019-03-29T14:22:30+01:00 February 18th, 2019|Categories: Discover|

Main principles

Ad-blockers are web-browser extensions that prevent the loading of undesired content, usually advertisements. Sometimes the content is still loaded but simply hidden from the user. These extensions are pieces of code that interact with the web browser and the browser engine. So first, what is the browser engine? The browser engine is the main software component of every web browser. Its role is to transform HTML (the markup language used to construct your web page) and other resources into the actual webpage that users see. To make it simple, it takes the complicated stuff and transforms it into a [...]