Thaddeus’s Personal Site

Overview# For school and personal curiosity I wanted to mess around with hosting my own local AI Chat server for testing and evaluation. I wanted this to be open source, private, and privacy concious. This setup enables a LAN-locked AU chat web UI backed by Ollama models with the ability to enable web search, code execution, and HTTPS through a reverse proxy. Its important to note, that this is simply meant to be something contained and not sitting on the public internet.

Intro# While working on my git repo for my research project found here: https://github.com/adminprivileges/ebpH I was making changes to a local branch and pushing it up to the remote github repo without really worrying about where it was going because I assumed it was going to a remote branch. I was wrong and the changes were going directly to main. This isnt really a huge issue since the repo is only for me, but I’m typing this out so hopefully I dont make this mistake somewhere it actually matters and so I can have the steps to fix it id it does.

Intro# Today while messing around with one of the HackTheBox retired machines “Previous”, the method of gaining initial access is due to the “Middleware” Authentication Bypass in Next.js. This vulnerability can be exploited to bypass authorization and access sensitive pages. Details of the affected versions can be found here CVE-2025-29927. Background# The CVE is a vulnerability in the handling of “middleware”. In its simplest terms (the only ones I understand) middleware is a function used to process a user request in some form or fashion.

01. Intro# I use ZFSBootMenu to manage my boot environments and help me roll back when I inevitably do something destructive to my system. Today I decided to change my encryption password because my current one has a key combination that confused my fingers so I almost always typed it incorrectly the first time. I changed my zfs rpool password, but I neglected to update initramfs. Im documenting the steps to properly change my password here so that i dont forget.

01. Intro# I was doing the Password Attacks lab in hackthebox academy and I found it pretty interesting so I figured I would redo it and step through how I did it and my thought process to help solidify concepts and because I enjoyed this one, even though it was a bit frustrating initially. 02. Gathering Initial Info# To start this engagement we know a couple things. We have a user Betty Jade that works at Nexura LLC.

Today I was looking at something new to learn and I came accross some material on DLL Hijacking. Previously I was only really aware of DLL search order hijacking, but I was interested to see that theres actually several varients to this idea. It may be best to first explain what a DLL is before talking about methods of manipulation. A DLL is a shared object or a snippet of code that several applications and operating system components can import for many common functions as to not have to re-invent the wheel on many things.

Today I was looking into some stuff for SSH and I wanted to know more about the maths behind how diffie helman works and since its just always something I took for granted so today I learned. Below is a simple graphic that I made that illustrates the process of the key exchange. So what does this mean? Well asymetric cryptography is built upon the idea of creating a shared secret independently without passing it over the public internet.

So I didn’t do anything today so I’m going to take today to write about NixOS. I started using NixOS recently because I would like to incorporate declarative and immutable operating systems into my research. I was introduced to NixOS via one of my favorite podcasts Linux Unplugged. I wasn’t initially sold on it because it sounded like a fad, but so far its pretty cool. This is how I understand it.

Hello, this is the beginning of my (somewhat) daily blog. The intention of this blog is less of an exercise in writing about my life and more of a exercise in making a habit of documentation. I plan to write daily about lessons I learned about computers that day and I’m sure there will be a non-computer related blog or two. When I implement tagging and search, I will make sure that things are tagged appropriately.

Do you ever find yourself wanting to access machines, but due to the permissions of he computer you’re currently on or network restrictions you’re unable to do so? Or maybe you have users that you would like to have access to remote machines, but you don’t want to have to worry about what remote administration tools they have on their devices. Guacamole is cool because it allows a user to access Windows and Linux machines through a variety of different protocols such as SSH, RDP, or VNC through a web browser as all of the tools are separated from the client machine and resident on the server side meaning administration can be done on any computing device capable of web browsing to prove it, once we have this set up i will access a remote machine via my PlayStation 4.