Njeriinjerii.hashnode.dev·Nov 18, 2024P3RF3CT ROOT CTF 2024 Writeup - Web3 and OSINTIntroduction "Are you okay?" "No, no, I'm not." My eyes are still recovering from staring at my laptops’ screen until 7 AM, and I'm pretty sure I've seen enough dust to make a desert jealous. Why, you ask? I just survived my first official CTF (Captu...Anthony Kimani and 1 other are discussing this2 people are discussing thisDiscuss·15 likes·288 readsCTF Writeup
WalkingEclipsewalkingeclipse.hashnode.dev·Nov 18, 2024Petshop Pro WalkthroughFlag 0 … Hints: Something looks out of place with checkout. It’s always nice to get stuff free. To find this flag we have to figure out a way to get a JPEG for free. As you can see on the homepage there are two JPEGS that can be added to the cart...DiscussCTF's#cybersecurity
WalkingEclipsewalkingeclipse.hashnode.dev·Nov 18, 2024Postbook CTF WalkthroughFlag 0 Hints: The person with username “user” has a very easy password. Click on Sign In Input the following: Username: user Password: < I think you can guess it > Once you’ve successfully logged in, you will capture your first FLAG! Flag 1 Hin...DiscussCTF's#cybersecurity
WalkingEclipsewalkingeclipse.hashnode.dev·Nov 18, 2024A little something to get you started CTF WalkthroughFlag 0 … The first hint tells us we need to look at the source code. Go ahead and take a look … Do you spot anything out of the ordinary? You should’ve found something is missing from the webpage. The code indicates that there should be an image di...DiscussCTF's#cybersecurity
J3bitokjebitok.hashnode.dev·Nov 11, 2024Cyber Defense Frameworks: Unified Kill Chain (TryHackMe)In this article, I will write a Unified Kill Chain write-up: The Basics that covers What is a “Kill Chain”, What is “Threat Modelling”, Introducing the Unified Kill Chain, Phase: In (Initial Foothold), Phase: Through (Network Propagation), Phase: Out...Discuss#CyberDefense
Pradip Bhattaraiprdp1137.hashnode.dev·Nov 11, 20244T$ CTF Writeup: Homelab ? More like Pwnlab !In this Capture The Flag (CTF) challenge, we were given access to two main targets: an SSH server running on a GoTTY shell and a NAS interface that allowed file uploads. My initial analysis revealed two key pieces of information. First, the SSH serve...DiscussCTF
Pradip Bhattaraiprdp1137.hashnode.dev·Nov 11, 20244T$ CTF Writeup: KittyKittyBankThe KittyKittyBank contract was written in Solidity, which allows users to send and withdraw ether (ETH) from the contract. In this blog post, I am providing a deep-dive into the details of the issue, and how it was exploited. Contract Overview Let's...DiscussCTF
Prashanth Bodepu0xpb.hashnode.dev·Nov 5, 2024Leek NFT challenge#0223 — IntigritiChallenge Overview Challenge Link: https://challenge-0223.intigriti.io/ Challenge By: @x64pr0fessor This challenge demonstrates a potential Cross-Site Scripting (XSS) vulnerability by allowing image uploads with unvalidated metadata, which an att...Discussmonthlychallenge
Ron Twisttwisted007.hashnode.dev·Nov 2, 2024HackTheBox: PermXIntroduction PermX is a cool Easy level machine from HackTheBox. Key points include fingerprinting the website framework in use, identifying an applicable RCE exploit, moving laterally to a user level, then escalating to root by abusing the user’s su...DiscussHackTheBox Writeups#HackTheBox
REHAN SAYYEDdignitas.hashnode.dev·Nov 2, 2024Code AnalysisIntroduction Upon accessing the MU-TH-UR6000 computer, AKA Mother, you will see the Mother UI server. However, since you only have a "Crew" Member level role, you only have read access to limited resources. But there are other ways to access it. Can ...Discuss·26 readsDevsecops#cybersecurity
