{"@attributes":{"version":"2.0"},"channel":{"title":"Leandro's Code Cave","link":"https:\/\/iamleandrooooo.github.io\/","description":"Recent content on Leandro's Code Cave","generator":"Hugo","language":"en-us","lastBuildDate":"Thu, 21 May 2026 00:00:00 +0000","item":[{"title":"FireFlow - Chaining Langflow RCE, JWT Abuse, and Kubernetes nodes\/proxy to Root an HTB Box","link":"https:\/\/iamleandrooooo.github.io\/posts\/fireflow_fullpwn\/","pubDate":"Thu, 21 May 2026 00:00:00 +0000","guid":"https:\/\/iamleandrooooo.github.io\/posts\/fireflow_fullpwn\/","description":"Challenge Description Difficulty: \ud83d\udfe1 Medium\nSince Full Pwn challenges don\u2019t have a description like other challenges, here\u2019s a recipe for a great Cozido \u00e0 Portuguesa:\nIngredients 500 g beef 1\/2 chicken Pork ribs and pork ear 1 chouri\u00e7o 1 morcela 1 farinheira Potatoes Carrots Cabbage Rice Salt and pepper Instructions Add the beef, chicken, and pork to a large pot with water, salt, and pepper. Boil and simmer for about 1."},{"title":"Dudsat - Reversing a Doppler-Disguised Permutation Cipher","link":"https:\/\/iamleandrooooo.github.io\/posts\/dudsat_reverse\/","pubDate":"Wed, 20 May 2026 00:00:00 +0000","guid":"https:\/\/iamleandrooooo.github.io\/posts\/dudsat_reverse\/","description":"Challenge Description Category: Reverse Engineering\nDifficulty: \ud83d\udfe1 Medium\nNetworks trust its timing. So does a clearing system that moves money across four countries. Six weeks ago someone quietly bought ORBIT-9. Last week the clearing system froze for eleven hours. Yesterday a regional airport logged position drift during a HELIOS-7 pass. Not accidents. Tests. A burned asset codenamed FERRYMAN pulled one file off an ORBIT-9 maintenance laptop before going dark. 
A binary, lbproc, described internally as a link budget validation tool."},{"title":"Sysprobe - Five Layers of Onion, One DFT, One Flag","link":"https:\/\/iamleandrooooo.github.io\/posts\/sysprobe_reverse\/","pubDate":"Wed, 20 May 2026 00:00:00 +0000","guid":"https:\/\/iamleandrooooo.github.io\/posts\/sysprobe_reverse\/","description":"Challenge Category: Reverse Engineering\nDifficulty: \ud83d\udd34 Hard\nTask Force Nightfall has intercepted a binary pulled from a compromised monitoring node inside a critical infrastructure operator. On the surface it is exactly what it claims to be - a routine diagnostics utility, the kind deployed silently across thousands of managed endpoints. Clean signature, legitimate-looking output, nothing that trips an alert. But the node it was found on had no business running it."},{"title":"SANDY - Malware Reverse Challenge","link":"https:\/\/iamleandrooooo.github.io\/posts\/sandy\/","pubDate":"Fri, 03 Oct 2025 00:00:00 +0000","guid":"https:\/\/iamleandrooooo.github.io\/posts\/sandy\/","description":"Challenge Description Author: John Hammond\nMy friend Sandy is really into cryptocurrencies! She\u2019s been trying to get me into it too, so she showed me a lot of Chrome extensions I could add to manage my wallets. Once I got everything sent up, she gave me this cool program!\nShe says it adds better protection so my wallets can\u2019t get messed with by hackers.\nSandy wouldn\u2019t lie to me, would she\u2026?"},{"title":"About","link":"https:\/\/iamleandrooooo.github.io\/about\/","pubDate":"Sat, 13 Sep 2025 00:00:00 +0000","guid":"https:\/\/iamleandrooooo.github.io\/about\/","description":"Hey, I\u2019m Leandro! 
I am an Offensive Security Specialist, and spend my days hunting down security flaws, tinkering with code, and figuring out how systems can break.\nI\u2019ve collected a few certifications along the way (OSCE3, OSWE, OSED, OSEP, OSCP, OSWP, CRTP, GCIH, etc.), and a few CVEs:\nCVE-2025-28168 CVE-2026-26273 CVE-2026-26281 CVE-2026-26270 CVE-2026-40888 I actually started in software engineering, so I know my way around development and architecture before diving headfirst into security."},{"title":"RC4 Reverse Engineering","link":"https:\/\/iamleandrooooo.github.io\/posts\/rc4_reverse\/","pubDate":"Sat, 13 Sep 2025 00:00:00 +0000","guid":"https:\/\/iamleandrooooo.github.io\/posts\/rc4_reverse\/","description":"RC4 Reverse Engineering RC4 Overview RC4 is a lightweight stream cipher commonly used in malware for string decryption, binary unpacking, and encrypting network traffic.\nWhen analyzing a binary that uses RC4, there are a few key indicators and areas worth examining.\nNo matter how much obfuscation is applied, typically if you find two loops responsible for initializing and scrambling a substitution box, it\u2019s a strong sign that RC4 is being used."},{"title":"Verification Clarification","link":"https:\/\/iamleandrooooo.github.io\/posts\/verificationclarification\/","pubDate":"Sat, 13 Sep 2025 00:00:00 +0000","guid":"https:\/\/iamleandrooooo.github.io\/posts\/verificationclarification\/","description":"Challenge Description Author: @resume\nDifficulty: \ud83d\udfe1 Medium\nOne of our users received an unexpected email asking them to complete extra verification in order to download a zip file, but they weren\u2019t expecting to receive any files.\nYour task is to investigate the verification link provided in the email and determine if it\u2019s suspicious or potentially malicious (\u201cphishy\u201d).\nNote: If the verification link doesn\u2019t respond when you visit it directly, try accessing it using a different method or tool."},{"title":"Automating SQL 
Server Linked-Server Password Recovery with PowerShell","link":"https:\/\/iamleandrooooo.github.io\/posts\/sqlserverlinkedserverspasswords\/","pubDate":"Fri, 12 Sep 2025 00:00:00 +0000","guid":"https:\/\/iamleandrooooo.github.io\/posts\/sqlserverlinkedserverspasswords\/","description":"SQL Server Linked Server Passwords \u26a0\ufe0f Disclaimer: Legal Use Only\nThis script is provided solely for legal purposes. Any use of this script for illegal activities or in violation of applicable laws is strictly prohibited.\nI take no responsibility if:\nYou use this script for unlawful purposes. You encounter any legal consequences as a result of using this script inappropriately. This whole script can be broken down into 4 steps. The first step is enabling TCP\/IP connections on all SQL Server Instances."}]}}