<feed xmlns="http://www.w3.org/2005/Atom"> <id>https://xphantom.nl/</id><title>Ahmed Sherif</title><subtitle>this blog is dedicated to the exciting world of red teaming, offensive security, security research, and security code review. I like to share my insights and experiences on the latest tools, techniques, and trends in cybersecurity. Stay informed and stay ahead of the game with our regular updates and insights.</subtitle> <updated>2025-02-10T11:54:10+01:00</updated> <author> <name>Ahmed Sherif</name> <uri>https://xphantom.nl/</uri> </author><link rel="self" type="application/atom+xml" href="https://xphantom.nl/feed.xml"/><link rel="alternate" type="text/html" hreflang="en" href="https://xphantom.nl/"/> <generator uri="https://jekyllrb.com/" version="4.4.1">Jekyll</generator> <rights> © 2025 Ahmed Sherif </rights> <icon>/assets/img/favicons/favicon.ico</icon> <logo>/assets/img/favicons/favicon-96x96.png</logo> <entry><title>Build Your Own Offensive Security Lab A Step-by-Step Guide with Ludus</title><link href="https://xphantom.nl/posts/Offensive-Security-Lab/" rel="alternate" type="text/html" title="Build Your Own Offensive Security Lab A Step-by-Step Guide with Ludus" /><published>2025-02-09T13:33:37+01:00</published> <updated>2025-02-10T11:05:42+01:00</updated> <id>https://xphantom.nl/posts/Offensive-Security-Lab/</id> <content src="https://xphantom.nl/posts/Offensive-Security-Lab/" /> <author> <name>Ahmed Sherif</name> </author> <category term="redteam" /> <summary> TL;DR: If you’re looking to set up your own lab for practicing offensive and defensive security techniques, this post is for you. In this guide, I’ll walk you through my experience with Ludus and demonstrate how to build a red team lab using this tool—the simplest and most efficient method I’ve discovered so far. The lab will feature an Active Directory environment (using GOAD) integrated with... 
</summary> </entry> <entry><title>From Limited file read to full access on Jenkins (CVE-2024-23897)</title><link href="https://xphantom.nl/posts/crypto-attack-jenkins/" rel="alternate" type="text/html" title="From Limited file read to full access on Jenkins (CVE-2024-23897)" /><published>2024-07-02T13:33:37+02:00</published> <updated>2025-02-10T11:53:47+01:00</updated> <id>https://xphantom.nl/posts/crypto-attack-jenkins/</id> <content src="https://xphantom.nl/posts/crypto-attack-jenkins/" /> <author> <name>Ahmed Sherif</name> </author> <category term="crypto" /> <summary> TL;DR: As a red teamer, you encountered a Jenkins instance that is vulnerable to CVE-2024-23897, which allowed for limited arbitrary file read. Without credentials and with the /script endpoint inaccessible, you sought to leverage this vulnerability by revealing Hudson to decrypt the credentials. What is CVE-2024-23897? CVE-2024-23897 is a critical vulnerability in Jenkins that enables att... </summary> </entry> <entry><title>From Code Analysis to RCE (CVE-2023-22953)</title><link href="https://xphantom.nl/posts/code-review-to-RCE/" rel="alternate" type="text/html" title="From Code Analysis to RCE (CVE-2023-22953)" /><published>2024-03-20T13:33:37+01:00</published> <updated>2024-07-25T22:59:08+02:00</updated> <id>https://xphantom.nl/posts/code-review-to-RCE/</id> <content src="https://xphantom.nl/posts/code-review-to-RCE/" /> <author> <name>Ahmed Sherif</name> </author> <category term="codereview" /> <summary> TL;DR: In this article, I detail my journey of discovering CVE-2023-22953 through a source code review process. I explain the steps involved, including taint analysis, manual code review, runtime debugging, and flow analysis. By following these methods, readers can gain insights into identifying and addressing vulnerabilities within their own codebase effectively. Index Introduction Dat... 
</summary> </entry> <entry><title>SysAid On-Premise 20.1.11 - Unauthenticated RCE</title><link href="https://xphantom.nl/posts/Sysaid-RCE/" rel="alternate" type="text/html" title="SysAid On-Premise 20.1.11 - Unauthenticated RCE" /><published>2020-05-22T13:33:37+02:00</published> <updated>2025-02-09T21:37:36+01:00</updated> <id>https://xphantom.nl/posts/Sysaid-RCE/</id> <content src="https://xphantom.nl/posts/Sysaid-RCE/" /> <author> <name>Ahmed Sherif</name> </author> <category term="cve-2020-10569" /> <summary> Introduction In 2020, I identified a vulnerability in the “SysAid Help Desk Software”. This security flaw was significant enough to be assigned the reference CVE-2020-10569. In this article, I’ll detail my discovery process, explain the nature of the vulnerability, and discuss its implications for users of the software. Sys-Aid Help Desk software Sys-aid help desk is a software to help corpo... </summary> </entry> <entry><title>Building-up and organizing CTF events — Nginx &amp; Docker</title><link href="https://xphantom.nl/posts/ABNAMRO-CTF/" rel="alternate" type="text/html" title="Building-up and organizing CTF events — Nginx &amp; Docker" /><published>2020-02-25T13:33:37+01:00</published> <updated>2024-07-25T22:59:08+02:00</updated> <id>https://xphantom.nl/posts/ABNAMRO-CTF/</id> <content src="https://xphantom.nl/posts/ABNAMRO-CTF/" /> <author> <name>Ahmed Sherif</name> </author> <category term="ctf" /> <category term="ctf-deployment" /> <summary> Medium post </summary> </entry> </feed>
