Preface In a burst of determination to hop on the modern train, I decided to run my own LLM model locally.
I quickly realized that my GPU is unsupported by the ROCm technology.
However, thanks to amazing technological improvements, it is still possible to circumvent this to run LLM models on unsupported hardware.
As it happens quite often during researching and/or debugging stuff on the fly, I quickly got myself into an unnecessary rabbit hole and lost several hours for almost nothing, but I still managed to run various medium-sized models (up to four billions parameters) pretty easily.
What ?? Malware ?? No more pentesting ?? (Boring backstory) Well, sort of. Let me keep this brief. I began my cybersecurity journey in 2020, focusing on penetration testing, web application security, and participating in various Capture the Flag (CTF) challenges, primarily on HackTheBox. Over time, I found myself losing interest. Working on box after box felt repetitive, and I realized it was time to explore something new and more challenging.
Moving a WSL2 installation to another drive Preface It’s been a while since I have written something so I guess it’s time to come up with some boring stuff to celebrate isn’t it ?
This blogpost will be very short but I found it pretty interesting because it’s about something I just did for my use case and now I know it will be somewhere if I ever need to do it again.
Quick review of the machine :
Wifinetic was a relatively simple box but still funny enough because of the memories it brought back.
I will start by discovering a FTP share with anonymous login enabled, which contains an interesting backup archive file among other PDF files.
The backup will leak me a password that I will reuse to gain a foothold on the machine as netadmin using SSH.
To get root on the machine, I will use a famous WPS cracking tool called reaver which will give me the pre-shared key of the network, which is root’s password aswell.
Quick review of the machine :
RedPanda was an easy-rated Linux HTB box made my Woodenk. During our initial nmap scan we discover the port 8080 that hosts the main application of this box, we discover a field input and manage to exploit it using SSTI. Having remote code execution we can either get the user flag directly or get a reverse shell using a msfvenom payload. Finally, we will be able to escalate our privilege using XXE to leak root’s SSH private key.