CodeQL CLI includes a language server which can be easily set up in coc.nvim by adding the content of this coc-settings.json file to your own configuration file:

    {
      "languageserver": {
        "codeql": {
          "command": "codeql",
          "args": [
            "execute",
            "language-server",
            "--check-errors",
            "ON_CHANGE",
            "-q"
          ],
          "filetypes": [
            "codeql",
            "ql"
          ],
          "initializationOptions": {},
          "settings": {}
        }
      }
    }
    

Given that coc.nvim uses Vim's filetype detection system and not file extensions, you need to let Vim know that *.ql files are CodeQL files. One way to do that is to add a codeql.vim file to ~/.vim/ftdetect:

    " Set '.ql' files as CodeQL files.
    au BufRead,BufNewFile *.ql set filetype=codeql
    
Programming CodeQL · Vim

Generally, when I want to explore the file system of a Docker container, I do it interactively by executing a shell inside it, something like:

    $ docker exec -it container_name sh
    $ ls
    ...
    

But sometimes the image of the container I want to explore does not contain any tools for this purpose. No ls, no cat, not even a shell. This is especially the case for Docker images built from scratch, which is very common with multi-stage builds.

One solution is to rely on the docker export command, which lets you "export a container's filesystem as a tar archive". By default, it writes the tar archive to STDOUT, which means it can easily be piped into the tar command-line tool to list its contents on the fly:

    $ docker export 7c1f2edd42c4 | tar -tv | tee filesystem.txt
    -rwxr-xr-x root/root         0 2022-04-04 09:46 .dockerenv
    drwxr-xr-x root/root         0 2022-03-19 15:52 bin/
    -rwxr-xr-x root/root  45687736 2022-03-19 15:52 bin/node
    ...
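
The same pipe can feed a short script instead of tar when you also want to read a single file or spot risky permissions. This is an added example, not code from the original post; the script name `export_ls.py`, the function names and the sample archive are assumptions constructed for illustration, and the setuid and world-writable flags go beyond the plain listing shown above.

```python
import io
import stat
import sys
import tarfile

def build_sample():
    """Constructed stand-in for `docker export` output (not a real image)."""
    buf = io.BytesIO()
    files = [(".dockerenv", 0o755, b""), ("bin/node", 0o755, b"\x7fELF"),
             ("bin/helper", 0o4755, b"\x7fELF"),         # constructed setuid file
             ("etc/app.conf", 0o666, b"debug=false\n")]  # constructed, world-writable
    with tarfile.open(fileobj=buf, mode="w") as archive:
        for name, mode, data in files:
            info = tarfile.TarInfo(name)
            info.mode, info.size = mode, len(data)
            archive.addfile(info, io.BytesIO(data))
    buf.seek(0)
    return buf

def list_export(stream):
    """'ls -l' over a tar stream: [(permissions, size, name, flags), ...]."""
    entries = []
    # "r|" reads sequentially without seeking, so a pipe from docker export works.
    with tarfile.open(fileobj=stream, mode="r|") as archive:
        for m in archive:
            kind = "d" if m.isdir() else "l" if m.issym() else "-"
            flags = []
            if m.isfile() and m.mode & (stat.S_ISUID | stat.S_ISGID):
                flags.append("setuid/setgid")
            if m.isfile() and m.mode & stat.S_IWOTH:
                flags.append("world-writable")
            entries.append((kind + stat.filemode(m.mode)[1:], m.size, m.name, flags))
    return entries

def read_file(stream, path):
    """'cat' for one regular file in the tar stream; None if it is absent."""
    wanted = path.lstrip("/")  # the listing above shows paths without a leading slash
    with tarfile.open(fileobj=stream, mode="r|") as archive:
        for m in archive:
            if m.name == wanted and m.isfile():
                return archive.extractfile(m).read()
    return None

if __name__ == "__main__":
    # docker export <container> | python3 export_ls.py [path]   (script name assumed)
    source = build_sample() if sys.stdin.isatty() else sys.stdin.buffer
    if len(sys.argv) > 1:
        sys.stdout.buffer.write(read_file(source, sys.argv[1]) or b"")
    else:
        for perms, size, name, flags in list_export(source):
            print(f"{perms} {size:>10} {name} {' '.join(flags)}")
```

Run without a pipe, it falls back to the constructed sample archive, so it can be tried without Docker.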
    
SysAdmin Docker

Admirer is an easy Linux-based Hack The Box machine released on the 2nd of May 2020 and reachable on the IP address 10.10.10.187.

For those who don't know it yet, Hack The Box is an online platform where vulnerable machines are deployed in a private network accessible via VPN, and where users need to hack their way into the systems to collect flags as proof of their success.

HTB Admirer information card

Security CTF · Web · Write-up

Traceback is an easy Linux-based machine released on the 14th of March 2020 and reachable on the IP address 10.10.10.181 (despite what's written on the info card).

HTB Traceback information card

Security CTF · Web · Write-up

Enjoying HackerOne's CTF?

If you want to make sure you don't inadvertently miss a single flag while skimming through web pages, you can ask ZAP to catch them for you with this regex:

    \^FLAG\^[\w\d]{64}\$FLAG\$

ZAP settings to capture Hacker 101 flags automatically

A "Flag" tag will appear next to the requests containing a flag in their response:

HTTP request captured with ZAP containing a Hacker 101 flag

This technique is particularly useful when a flag appears in a non-obvious location such as an HTML comment.

Security CTF · ZAP · Web