Kiet Bui

@codingmagic

Joined on Nov 8, 2022

  • Hello, it has been a while since I last played CTFs. I am quite busy and lazy. Last week, I participated in HTB CA and luckily cleared Forensics. Very Easy to Medium are very easy, so I won't go deep into them. I am writing write-ups for 3 challenges, hard and insane. Hard Game Invitation After I solved this challenge, the author changed the evidence, so I will write both ways to solve this challenge. Before changing the evidence:
  • This challenge's name should be No Star Where; the challenge maker was so "cay". The challenge gives us a packet capture file. We don't have to care about all of the packets in it. We just attend to some packets like this. As you can see, the victim machine with IP address 192.168.25.164 had downloaded a zip file from 140.238.217.117:4953. After exporting and unzipping it, I have two files. I thought Security Baseline Discipline.docx had malicious macros in it, but after using olevba to analyse it, it seems not to be malware.
  • This CTF had no Forensics, so I played Network :( and was lucky enough to solve 1 challenge :v. Network wifi This challenge gives us a network capture file and asks us to find the Wi-Fi password, with the format HCMUS-CTF{\d{6}}. The pcap file contains 5 packets: 1 packet containing a beacon frame and 4 packets of the 4-way handshake. The mechanism of the 4-way handshake is shown in the figure below
  • In this CTF competition, our team - Mugiwara - took third place on the KMA Scoreboard (9th place on the expanding scoreboard). You can follow our write-ups for all categories here Forensics Linux is hurt During the competition, I couldn't solve this challenge. So, I took time to solve it after the competition ended. Analyse memory dump
  • Forensics For the "Very Easy" challenges I only skim through them, since there is not much to do. Plaintext Tleasure Ctrl F, Packet Details -> Username Flag: HTB{th3s3_4l13ns_st1ll_us3_HTTP}
  • Forensics "Easy" Volatility As the name says, it really is easy :))) This challenge already provides the symbols for the dump file, so the difficulty and the time needed are effectively reduced by 80% :))) I put the symbols in the path \volatility3\volatility3\symbols\linux, a zst file containing json. Then I decompressed it and recompressed it with the .xz extension, because otherwise it would not run.
  • Misc Boys The challenge gives us a GitHub user name, sk1nnywh1t3k1d. Overview I see this user has a project in the repositories; its name is chat-app. And it has nothing special. After spending a while looking to be sure, I click the commit hash, then add ".patch" to the end of the URL bar. I found this way from https://www.nymeria.io/blog/how-to-manually-find-email-addresses-for-github-users