Nest Sweets NTFSファイルシステムにはADSがある Procedure nmap PORT STATE SERVICE VERSION 445/tcp open microsoft-ds? 4386/tcp open unknown | fingerprint-strings: | DNSStatusRequestTCP, DNSVersionBindReqTCP, Kerberos, LANDesk-RC, LDAPBindReq,…

no crypto 150point Description there's crypto in here but the challenge is not crypto... 🤔 no crypto Solution run binary ./not-crypto I heard you wanted to bargain for a flag... whatcha got? aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa…

Haircut Sweets OWASPのdirbusterのリストは優秀 webサーバで使用されているコマンドや構造を把握することが大事 Procedure portscan PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.2p2 Ubuntu 4ubuntu2.2 (Ubuntu Linux; protocol 2.0) | ssh-host…

Resolute tags: HTB Medium Procedure User Flag nmap PORT STATE SERVICE VERSION 53/tcp open domain Microsoft DNS 88/tcp open kerberos-sec Microsoft Windows Kerberos (server time: 2020-05-09 01:19:47Z) 135/tcp open msrpc Microsoft Windows RPC…

shocker tags: HTB Easy Procedure enumeration nmap scan PORT STATE SERVICE VERSION 80/tcp open http Apache httpd 2.4.18 ((Ubuntu)) |_http-server-header: Apache/2.4.18 (Ubuntu) |_http-title: Site doesn't have a title (text/html). 2222/tcp op…

Conclusion ミドルウェアのバージョンを調べる事は大事 古いミドルウェアにはエクスプロイトがよくある Procedure nmap PORT STATE SERVICE VERSION 21/tcp open ftp vsftpd 2.3.4 |_ftp-anon: Anonymous FTP login allowed (FTP code 230) | ftp-syst: | ST…

Conclusion 古いミドルウェアは使わない Procedure nmap PORT STATE SERVICE VERSION 80/tcp open http HttpFileServer httpd 2.3 |_http-server-header: HFS 2.3 |_http-title: HFS / 80/tcpにブラウザでアクセスする nmapの情報通りHttpFileServer 2.3が動…

Challenge tablEZ Bobby was talking about tables a bunch, so I made some table stuff. I think this is what he was talking about... Solution Given file is 64-bit ELF file. It seems crack me style binary. $ file tablez tablez: ELF 64-bit LSB …

Challenge Missed Registration It's registration day! These forms just seem longer and longer... pcap file is here Solutions Almost of all packets are HTTP POST packets. They looks like sending data normally, but some packet include x param…

今回は問題を解くことができませんでした。備忘録として残します。 Challenge Description: Start Reverse Solution 64bitのELFファイルが与えられます。ひとまず実行してみます。 $ ./abc give me flag... :D $ ./abc 12345 Sorry, try harder :( 引数に期…

Challenge This file was captured from one of the computers at the Internet cafe. We think that the hacker was using this computer at that time. Try to get his secret documents. ( flag format is flag{…} ) Solution あたえられるのはpcapファイ…

Challenge Anti-Debugging Reverse it. bin (SHA1: 690c72681b1cd2bb9fe01efe0bfb71b44f7838d3) may some AV will alert,but no problem. 私の環境ではAVに引っかからなかったです。気を利かせてくれたのか、役立たずなのか、、、 Solution 与えられたのは32…

Challenge 問題文をメモし忘れてしまいました、、、 暗号化と圧縮したファイルを解凍するとpocketという名前のzipファイルが現れます。binwalkでジャカジャカ展開していきます。 # binwalk pocket DECIMAL HEXADECIMAL DESCRIPTION ------------------------…

Challenge Within the ICS enviroment there has been some odd behavior with one of the network switches. You have asked your Network Administrators to see if they could pull some traffic from their packet capture solution. They dug into the …