Attack on Fort Clara

So a while back I wrote about a Lego Fort:


Now today we go through a way how some pirates could attack the fort. This is a spoilerfree spoiler to a real machine I wrote a report on it .. if you see how it works you might have done the same machine. Because some of my pictures are more a riddle than a spoiler 😉 So here we go.


First our pirates do a little recon on the fort.


With all their informations they go to the wise island magician who knows all the good tricks. From him they get a all seeing telescope …

With that telescope they can see everything on that fort ….


With that information it is easy to find some stupid soldier ….


as wich they can disguise …


to deliver their evil dynamite ..


but unfortunatly dynamite is not allowed on the fort …


so they need a flimsy disguise for the payload .. so they can put it on the fort to trigger it later with another method ..

and game over …attackonfortclarie-9

#OSCP Turning your Backdoor in a WordPress Plugin

Just a quick one:

Imagine you own a wordpress and want to upload your remote php script as a nice fancy wordpress plugin. You know, just adding a feature the original installation doesn’t have. So you grab your trusty php remote shell script .. and wordpress hates it. Damm .. So how do  we build a valid wordpress plugin?

  1. Open up your php script and add

Plugin Name: Plugin
Plugin URI:
Description: Basic WordPress Plugin Header Comment
Version:     20160911
Author URI:
License:     GPL2
License URI:

to the start, then upload it

2. ??????

3. Profit


Easy ^^