rudefish

@rudefish

I'm into cyber security and all its madness; whenever I participate in CTFs, the write-ups go here

Joined on Oct 11, 2020

  • Machine Details Name: Symfonos 2 OS: Linux Platform: Vulnhub Download Link: Symfonos 2 Getting started I booted up the machine and got assigned an IP address of 192.168.50.130. Similar to symfonos1, I added symfonos2.local to my hosts file. 192.168.50.130 symfonos2.local
  • Machine Details Name: Symfonos: 3 OS: Linux Platform: Vulnhub Download Link: Symfonos 3 Getting started After obtaining an IP address for the machine, 192.168.50.137 in my case, I added it to my hosts file. 192.168.50.137 symfonos3.local
  • Machine Details Name: Symfonos 1 OS: Linux Platform: Vulnhub Machine Link: Download Symfonos 1 Obtaining the assigned machine IP address After setting up the machine on VMWare, the first step is to find the IP address assigned to the machine. To do this, we can use several methods. The two I use often are shown below: sudo netdiscover -r 192.168.50.0/24
  • Machine Details Name: Search OS: Windows IP address: 10.10.11.129 Difficulty: Hard Points: 40 Initial Enumeration As always, I started with an nmap scan to find out what services are running on the box.
  • Machine Details Name: SunsetDecoy IP address: 192.168.66.85 Difficulty: Easy Points: 5 In the beginning As always, I started with an nmap scan and the result is shown below: There seem to be two services running: SSH on port 22 and HTTP on port 80. From the script enumeration, the HTTP service is serving a file save.zip. So I proceeded to visit the IP address in the browser and downloaded the save.zip file.
  • Machine Details Name: FunBoxRookie IP address: 192.168.66.107 Difficulty: Easy Points: 5 It all began with nmap Once the box has been started, as usual the first step is to run a scan. nmap comes to the rescue and the result is shown below. From the scan results, there are three services running on this box; an FTP service on port 21, an SSH service on port 22 and also an HTTP service on port 80. Interestingly, the FTP service allows anonymous login.
  • Machine Details Name: BBSCute IP address: 192.168.118.128 Difficulty: Easy Points: 5 Initial Enumeration I started the box and was assigned the IP address 192.168.118.128. My first step was to conduct a scan. For this purpose I used nmap and found the following ports open: 22, 80, 88, 110, 995. Conducting further enumeration, I entered the IP address into the browser and I was presented with the page below:
  • Machine Details Name: Horizontall IP address: 10.10.11.105 Difficulty: Easy Points: 20
  • Name: c0ntr0l 0x03 Category: web Points: 150 At the time of this write-up, the challenges have ended and the web interfaces closed, so I will explain some processes rather than providing screenshots. Challenge Description We were told to find out what Angela was talking about and find the flag. Solution
  • Name: c0ntr0l 0x01 Category: Web Points: 100 At the time of this write-up, the challenges have ended and the web interfaces closed, so I will explain some processes rather than providing screenshots. Challenge Description We were given an IP address for the challenge at http://104.131.178.50:8888/. Visiting the page returns a login screen. Solution
  • Name: Can you see through the crowd Challenge Description look precisely :) this challenges flag starts with RAZICTF Solution Starting the challenge, we are provided an IP address to connect using netcat: nc 130.185.122.69 12478
  • Name: Git The Flag Points: 700 Challenge At the time of this write-up, the Arpcon CTF has ended and I no longer have access to the challenge details for screenshots. Solution We were provided with a secret.zip file. Extracting the file with unzip secret.zip and navigating to the extracted folder, it looks like we got ourselves a git repo.
  • Name: Hacker Camp Challenge Solution By following the provided link https://hacker-camp.chals.damctf.xyz/ we are presented with a login page. So we have a PHP application requesting a username and password. We did some directory brute forcing with gobuster but didn't get much result, so we proceeded to bypass the login page using SQLi. Providing ' or 1=1# as the username (any SQLi login bypass payload will work, you can find some here) and any password, we are logged in as the user rhonda.daniels. Then we have a list of students, looks like rhonda.daniels is a staff