Ctf Writeup

Bagel is a medium Linux machine from HackTheBox. It involves exploiting file read vulnerability to read the application source code, fuzzing another dotnet application’s PID to download its DLL, and reversing it to find and exploit JSON deserialization vulnerability leading to foothold on the machine. …

Hey there, fellow cyber defenders! Imagine waking up on a sunny day, full of energy and ready to take on the day like a champion. You’re drinking your first sip of your favorite coffee (or tea, we’re inclusive here), feeling invincible. And out of the blue, your phone rings, and it’s…

This is a writeup of how I completed the tryhackme valley CTF. https://tryhackme.com/room/valleype Enumeration I started with my usual nmap scan ## this showed me there was an ssh server and a HTTP server along with some mystery port so I started looking at the http server on port 80 and…

https://tryhackme.com/room/valleype Introduction Welcome to another writeup! This time, we have a cool easy (not so easy) challenge, involving a lot of enumeration, interaction with FTP, network packets analysis, binary analysis, hash cracking and python library hijacking leading to privilege escalation! Nmap As always, we start by running Nmap to discover the available…

Welcome to the Part II of From Evidence to Answers: Navigating Forensic CTF Challenges with Skill. I recently discovered the amazing idea of “Shellbags” while reading Joakim Kävrestad’s book “Fundamentals of Digital Forensics” as part of my quest to learn more about digital forensics. The concept immediately piqued my interest…

I’m sharing a writeup for a wicked webtask from Ctflearn with 196 solvers and no writeup in Google where my team and I solved the flag together. It was a wild ride, full of twists and turns, but we finally managed to crack the code. It was a ton of…

Level 0

Learn how to brute, hash cracking and escalate privileges in this challenge. Reconnaissance: First we run a Namp scan to gather all the intel about the machine.

Enumeration and Privilege Escalation So after deploying the machine I ran the Nmap scan to find the open services, ports and OS on the machine.