Ctf

Of course, this looks like a standard shopping page. If we click on Add to Cart the URL changes to… — Yay !!! The Flag is on sale !!!! But are you okay with paying the "Gold Price" or will you pay the "Iron Price" ? https://web.ctf.devclub.in/web/4/ Of course, this looks like a standard shopping page. If we click on Add to Cart the URL changes to https://web.ctf.devclub.in/web/4/buy/<product_name>.

This room is aimed for beginner level hackers but anyone can try to hack this box. There are two main intended ways to root the box. — As we know there are two ways to root the box. So we will go both ways. First, we start with an NMAP scan. We found 3 open ports i.e, Port 21 — FTP Port 22 — SSH Port 80 — HTTP

Making a persona that’s even faker than your social media identity. — Making a persona that’s even faker than your social media identity. This is a continuation of OSINT: Do I have to Capture The Flag? Pt1. if you hadn’t guessed from the title. You don’t have to read it, it’s just background info and considerations as to how and why you’d…

Erlik Machine Writeup — First, let’s do a ping scan. Let’s find our own IP address to determine the IP address of our victim machine. Victim IP Adress: 10.10.10.129 Version scanning is done with Nmap.

Level: Easy (Just because it says easy doesn’t mean it’s easy) — Level: Easy (Just because it says easy doesn’t mean it’s easy) Question 1: Deploy the machine and connect to our network Completed. (Nothing to be done) Question 2: Find the services exposed by the machine Lets start by enumerating open ports. I will use rustscan(Or nmap). ; -a : for…

This was the only mobile chall on this CTF. We start by installing the APK and opening it. At first glance, there’s not much to be done… — This was the only mobile chall on this CTF. We start by installing the APK and opening it. At first glance, there’s not much to be done, since there’s only a login screen, for which we have no credentials (yet). We notice that there are 2 flavors of the application…

Digital forensic challenge by cyberdefenders.org — Here is my write-up for the mini linux forensics challenge. In this challenge, each participant received 2 E01 files aka Encase image files, which are mate and kubuntu disk image. At first I was put the E01 image into FTKImager, but I found that it is not so convenient for…

At this stage we still have access to THROWBACK-PROD as a domain user called BlaireJ. In order to gain higher privileges in the domain… — At this stage we still have access to THROWBACK-PROD as a domain user called BlaireJ. In order to gain higher privileges in the domain, e.g. Domain Admin, we should now enumerate the Active Directory Domain. Collecting the Data First of all we need to collect data on the domain. After that we can…

Difficulty: Hard — Difficulty: Hard Hi guys, today in this write-up I am going to show you how to complete the Jeff ctf. Let’s get started. As usual, start with NMAP scan.