Victor Ukohatpscript.hashnode.dev·Dec 15, 2024CTF Solution: Finding MY FriendIn this blog post, we will try to provide a comprehensive solution to the Finding My Friend CTF from Vulnhub. After downloading the CTF from vulnhub, we then import it and disable the serial port from the setting to be able to run the machine. Note t...DiscussCTF SolutionsFindingMyFriend
Lê Mậu Anh Phonglemauanhphong.hashnode.dev·Dec 14, 2024Let Me In - WannaGame Championship 2024Source code. We need to login as admin. Look at cookie name _letmein_session → Web uses framework Ruby on Rails Path traversal at /static?image=… → Read /proc/self/environ → Get SECRET_KEY_BASE → It’s used to encrypt and sign user’s session → Idea...Discuss·2 likes·114 readsCTF
envi0rforNothing2Losen2l.hashnode.dev·Dec 1, 2024HackTheBox Machine : Jerry Write UpAlthough Jerry is one of the easier machines on Hack The Box, it is realistic as Apache Tomcat is often found exposed and configured with common or weak credentials. Seperti biasa pertama lakukan port scanning. ❯ nmap -sC -sV -T3 10.10.10.95 -Pn Sta...Discuss·1 like·26 readshtb
ReplforNothing2Losen2l.hashnode.dev·Dec 1, 2024Comprehensive Writeup of the Last Web Challenges from Final NCW 2024At the end of the 2024 event, I managed to solve the final web challenge in NCW, even though I didn’t participate in the event. I guess I solved it just for fun? Anyway, from what my friend who participated in the finals told me, this challenge had z...Discuss·1 like·38 readsncw
ReplforNothing2Losen2l.hashnode.dev·Nov 30, 2024IDSECCONF 2024 CTF - All Web WriteupRecently, I joined a CTF organized by IDSECCONF, playing as N2L with two of my friends—our team had three people in total. At the time, I was mostly focusing on web challenges (but also did some reverse stuff) because the reverse category in this eve...Discuss·69 readsxss bypass
Dentonmy-cybersec-journey.hashnode.dev·Nov 28, 2024Infected Networks CTFIntroduction Back on November 2nd, 2024, I had the opportunity to compete in the Last of Us themed CTF, Infected Networks, hosted by SAIT, Megabyte SAIT, Women in CyberSecurity (WiCyS) UofC, and The Cybersecurity Club - UCalgary. My teammate and I pl...DiscussCTF Writeups#capturetheflag
Yunis Mohamedalbaharyhacks.hashnode.dev·Nov 26, 2024Complete Guide to Solving the GamingServer CTF ChallengeIntroduction This guide details a penetration testing process on a GamingServer using tools like Nmap for port scanning, Gobuster for directory enumeration, and John the Ripper for password cracking. Key findings include open ports for SSH and a web ...DiscussTryhackme CTF WRITEUPSCTF Writeup
kurtnettlekurtnettle.hashnode.dev·Nov 24, 2024Horrorible Crypt | CryptographyProblem Statement Can you find the encoded Message? 0beaeb0c17f05c53cb443b6f07d04c7674e47077d044595bf54648319fd1ab15 Flag Format: BUBT{Something} Prerequisites <not sure what to put here> (experience I guess?) Solution We didn’t manage to solve ...DiscussCyber Skills Bootcamp Competition | BUBTGOST cipher
danqing liulzdq.hashnode.dev·Nov 24, 2024SECCON CTF 2024 Reaction writeupreverse engineering, 15 teams solved What is this program emulating? Given an executable and a fake flag. Reverse the binary The binary first open flag.txt. Then, it allocates 624 integers and init them using mt19937. The seed is the production of ea...Discussreverse engineering
kurtnettlekurtnettle.hashnode.dev·Nov 24, 2024Phonetic | CryptographyProblem Statement Encrypted text: Bravo Uniform Bravo Tango Four Lima Whiskey Four Yankee Five Seven Hotel One November Kilo Three Four Five Yankee Flag Format: BUBT{word1_word2_word3} Hint: lower case Prerequisites <not sure what to put here> (...DiscussCyber Skills Bootcamp Competition | BUBTbubt
