Browsed by
Tag: stuxnet

Tomghost — Write-up

Tomghost — Write-up

TryHackMe Challenge Link: https://tryhackme.com/room/tomghost Tomghost is an interesting CTF from Stuxnet; it has rather an unusual section after gaining RCE, which makes for a nice break from standard CTF challenges. In this room we’ll be exploiting a vulnerability in Ghostcat and exploring ASCII armour protected PGP encryption keys, followed by a nice easy privilege escalation up to root. Let’s begin! Enumeration: We begin, as always, with enumeration of the machine. Let’s start with an nmap scan: Great, so, we have…

Read More Read More

NoName CTF — Write-up

NoName CTF — Write-up

TryHackMe Challenge Link: https://tryhackme.com/room/nonamectf NoName CTF is a great little CTF from stuxnet. It provides a really nice introduction to some often lesser-used topics in challenge boxes, including SSTI and BOF, making this a perfect box to get some practice in on! Without further ado, let’s begin! Enumeration As per normal, we’re going to begin this challenge with an nmap scan: We’ve got four ports open here. Nothing unusual about port 22 — just SSH as normal. We can’t bruteforce that…

Read More Read More