> Posts

Here are some posts I have written.

Wardriving coa Raspi no 2023: Dando unha volta polos wifis do lugar {gl}
Reversing con carraxe: Sacando contrasinais con angr {gl}
Using libfuzzer in autotools compiled projects {en, gl}
Tricks to improve console programs usability {en, gl}
A description of some tricks that have learnt from my experience that enhances the user experience of Linux console programs.
Heap analysis with radare2 {en, gl}
A review of the glibc allocator that manages the heap as well as the radare2 module to examinate its structures by using the debugger.
Kerberos I: How does Kerberos work? {en, es}
An introduction to the Kerberos protocol in Active Directory. The post describes the elements of the Kerberos environment, the basic procedures to get and use Kerberos tickets and the most common attacks against Kerberos.
Kerberos II: How to attack Kerberos? {en, es}
A review of the most basic Kerberos attacks that includes practical examples of how use known tools to attack Kerberos. The attacks included are: Brute-forcing, ASREProast, Kerberoast, Pass The Key/Over Pass the Hash, Pass the Ticket, Silver and Golden ticket.
Kerberos III: How does delegation works? {en, es}
A description of the mechanism used by Kerberos to perform delegation in an Active Directory environment. It also includes some attack scenarios where an pentester can take advantage of Kerberos delegation.