Meet the 1337!

Welcome to our new blog series, Meet 1337! Each month, we will shine a light on one of the genius minds within our awesome network of hackers!

Today, we are thrilled to introduce you to Alwin, a versatile hacker with a unique blend of ITops expertise and a passion for digital exploration.

Please tell us a bit about yourself. Who are you?
Hi, my name is Alwin, a hacker with a background in ITops. During the day, I work for Ordina and carry out pentests on behalf of customers. These assignments are diverse, for example, pentesting a mobile app, website, or network infrastructure or carrying out physical pentests to gain unauthorized access to a building. In the evenings, I volunteer at the DIVD and assist the CSIRT team in the scan-report process. In addition, I try to do Bug Bounty in the time that is left, for example, via the Zerocopter platform.

How much time do you spend on hacking?
On average, I think something like 30 hours a week. During that time, I am not only busy with die-hard hacking, but part of the time is also spent studying and doing research.

When did you start hacking?
My interest was aroused in high school when a friend ‘hacked’ my PC with the NetBus tool. How easy it was to accomplish this, and how he then remotely opened my CD tray to prove he had control over my PC, was a real eye-opener for me. After working in IT ops for about 10 years, I finally made the switch to pentester in 2016, and from then on I really started hacking.

Could you share some challenges you faced while hacking or in this industry?
What remains difficult is getting in contact with an organization to report a vulnerability. Publishing a responsible disclosure policy and a security.txt file on the public website will help us enormously.

What was your most interesting/crazy hack?
The most impactful vulnerability was an SQL injection that gave access to a database with 2.8 million customer records. A creative vulnerability was one where I found credentials on GitHub. However, triage on the Zerocopter platform scaled the vulnerability back to informative because I couldn’t demonstrate exploitation, something they were right about at the time. I then tested the credentials on various login portals and finally gained access to the internal network via a Citrix portal on which 2FA was not enforced. This increased the vulnerability from an informative finding to a critical one. A crazy hack was finding multiple 0days in a money-counting machine. By chaining them together, unauthorized remote code execution was possible… what could possibly go wrong ☺

Could you share some surprising stories or fun facts that occurred to you during your career?
Some time ago, together with a colleague from my daytime job, I was able to carry out a physical pentest for a customer. The assignment went well, and we achieved the goals that had been agreed with the customer in advance. However, what we had not taken into account was that a citizen had noticed some of our activities. This citizen did not trust the situation and eventually called in law enforcement. A few hours later, we were stopped on a road by a law enforcement officer on a motorcycle, asking what we were doing. By showing an official document (get-out-of-jail card) and calling our contact person, we could continue on our way.

What are your favorite tools/resources/content/people to learn from and which you could recommend to others?
I really enjoy hacking on Hack The Box, especially the Pro Labs, in which you have to attack fictional networks complete with an Active Directory. Their Academy is also very nice if you are looking for depth in a specific area. Tools that I use a lot are, of course, Burp Suite and the tools from ProjectDiscovery.

Why do you hack with Zerocopter?
The diversity of organizations that run their RD and/or research programs there is great. In addition, in my experience the lines of communication with the people at Zerocopter are short, which makes it a nice platform to do Bug Bounty on.

What is your favorite swag that you ever got?
After reporting an impactful vulnerability, I received a license plate from the RDW with the letters HA-CK-ER on it, and of course, a Zerocopter t-shirt is awesome to have.

What is, in your opinion, the best conference to go to?
Definitely MCH (https://mch2022.org). I really enjoy camping, and that, combined with hackers from all over Europe who often have the same interests as me, gave me a great experience. The successor to MCH will take place in the summer of 2025 (https://why2025.org/).

What would you like to learn in the future?
Hardware hacking. I have several projects at home but do not yet have the knowledge and experience needed to exploit any vulnerabilities. I have already purchased various tools and followed training, so hopefully, I will find 0days in this area in the future.