Hi there 🦜

I’m Jannis, a 26-year-old pentester from Germany 🇩🇪 with over 3 years of experience and certification as OSCP. I’ll be sharing mainly IT-related content here, but who knows what else might pop up. In my free time, I enjoy diving into challenges on platforms like Hack The Box and TryHackMe 🕵️‍♂️, as well as tinkering with my car and electronics 🚗💻.
Metabo Sb EDV 800/2S R+L

Restoring an old Metabo Sb EDV 800/2S R+L Drill

While scrolling through old machines on Kleinanzeigen, I stumbled upon this wonderful Metabo Sb EDV 800/2S R+L drill which I could not resist buying and would be a really good addition to my workshop in a drill stand. So without wasting a second, I bought it for €25 and started researching how to replace the electric motor’s carbon brushes and where to renew the grease to make it work like on day one....

May 1, 2024 · Jannis
einhell saw

Replacing the sawblade of a Einhell TC-SM 2131/2 Dual

I recently received the Einhell TC-SM 2131/2 Dual miter saw as a birthday present from my lovely girlfriend and decided to pimp it with a Premium saw blade from Falkenwald that is optimized for fine cuts. The first thing you need to pay attention to is the size of the saw blade, in my case it is 210mm × 30mm, you should be able to buy it on Amazon. To remove the original saw blade from the miter saw, you need to unscrew the following screw....

May 1, 2024 · Jannis

Writing a Bash Script to Backup to Backblaze B2

In this tutorial, we’ll walk through the creation of a bash script that utilizes Restic to perform backups to Backblaze B2 cloud storage and sends email notifications in case of failure. Restic is a modern backup program that offers efficient deduplication and encryption features. Prerequisites Before getting started, make sure you have the following: A Backblaze B2 account and access keys Restic installed on your system Access to an SMTP server for sending emails Script Overview The bash script should perform the following tasks:...

April 26, 2024 · Jannis
MrCat a Signal Bot

Writing a Signal Bot in Python

I’m in the process of developing a signal bot with the capability to automatically download videos. Additionally, I’m exploring the potential to integrate features such as reminders and scheduled calls into its functionality. Keep an eye out for further developments on this project! To run the signal bot, you need to install the corresponding PyPI package and configure the signal-cli-rest-api on your host system. https://github.com/filipre/signalbot https://github.com/bbernhard/signal-cli-rest-api#getting-started Execute the following command to install the dependencies via pip:...

April 25, 2024 · Jannis
Terraria

Run a TShock Terraria Server on Proxmox in a LXC Container

After rediscovering an old favorite in the Google Play Store, Terraria, a game I adored playing in my youth, I felt inspired to set up a server on my Proxmox server for some nostalgic gaming sessions during my downtime. To my surprise, I found that it was possible to connect to a standard desktop server using the Android version. A brief google search led me to TShock (https://github.com/Pryaxis/TShock), a community-maintained open-source Terraria server written in C# ....

April 20, 2024 · Jannis
Aero.htb

HackTheBox - Aero.htb

User flag Aero.htb Use my implementation of CVE-2023-38146 to generate a malicious Windows 11 theme and upload it to the machine. This should get you the user shell. Root flag After looking around for stuff on the machine, I found a PDF file in the C:/Users/sam.emerson/Documents folder that says something about CVE-2023-28252. 📄 So, I compiled it and replaced notepad.exe with a reverse shell executable, compiled it using Visual Studio and gained the system shell....

April 1, 2024 · Jannis
WifineticTwo.htb

HackTheBox - WifineticTwo.htb

User flag The only interesting thing is running on port 8080: http://10.129.175.20:8080/. OpenPLC which uses default credentials openplc:openplc. To exploit this thing, navigate to the Hardware tab and append the following C code to the Hardware Layer Code Box: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 #include <stdio.h> #include <sys/socket.h> #include <sys/types....

April 1, 2024 · Jannis
Analysis.htb

HackTheBox - Analysis.htb

User flag Analysis.htb I started by enumerating the VHosts on the webserver as there was no obvious vulnerability on the website: 1 ffuf -w /usr/share/seclists/Discovery/DNS/subdomains-top1million-5000.txt -u http://analysis.htb/ -H "Host: FUZZ.analysis.htb" The only result should be internal.analysis.htb so let’s fuzz more: 1 ffuf -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u http://internal.analysis.htb/FUZZ After extensive fuzzing, I discovered a PHP file which is interesting: 1 ffuf -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u http://internal.analysis.htb/users/FUZZ.php By now, we have a file named list....

April 1, 2024 · Jannis