Browsed by
Tag: write-up

Tomghost — Write-up

Tomghost — Write-up

TryHackMe Challenge Link: https://tryhackme.com/room/tomghost Tomghost is an interesting CTF from Stuxnet; it has rather an unusual section after gaining RCE, which makes for a nice break from standard CTF challenges. In this room we’ll be exploiting a vulnerability in Ghostcat and exploring ASCII armour protected PGP encryption keys, followed by a nice easy privilege escalation up to root. Let’s begin! Enumeration: We begin, as always, with enumeration of the machine. Let’s start with an nmap scan: Great, so, we have…

Read More Read More

Jack-of-All-Trades — Write-up

Jack-of-All-Trades — Write-up

TryHackMe Challenge Link: https://tryhackme.com/room/jackofalltrades Jack-of-All-Trades is my very first CTF challenge box. It was created for the Securi-Tay conference run on the 28th of February, 2020 by the UAD Hacksoc. As you play through this box you will find many references to penguins. This will not make much sense to anyone who didn’t attend the conference, so allow me to explain before we get started in earnest. The theme of the 2020 Securi-Tay conference revolved around the infamous Dundee penguins….

Read More Read More

Inclusion — Write-up

Inclusion — Write-up

TryHackMe Challenge Link: https://tryhackme.com/room/inclusion Inclusion is a really nice introduction to Local File Inclusion. The room is written by falconfeast, or mzfr as he’s otherwise known. This will be a quick write-up, but hopefully it will make clear anything that you might be struggling with in this room. As a bonus, I’ll also include the really quick, unintended method at the end of this write-up, but please, do it the intended way first. Let’s get started! Enumeration: Well worth doing…

Read More Read More

Year of the Rabbit — Write-up

Year of the Rabbit — Write-up

TryHackMe Challenge Link: https://tryhackme.com/room/yearoftherabbit Year of the Rabbit is the second box I built; and was originally designed to accompany my workshop on CTF creation, first presented on the 11th of March 2020 to the UAD Ethical Hacking society. Now that Year of the Rabbit has been made public, I am also releasing this post as the official write-up. Let’s get started! Enumeration: As always, we first need to perform some initial enumeration on the box. Get nmap up and…

Read More Read More

NoName CTF — Write-up

NoName CTF — Write-up

TryHackMe Challenge Link: https://tryhackme.com/room/nonamectf NoName CTF is a great little CTF from stuxnet. It provides a really nice introduction to some often lesser-used topics in challenge boxes, including SSTI and BOF, making this a perfect box to get some practice in on! Without further ado, let’s begin! Enumeration As per normal, we’re going to begin this challenge with an nmap scan: We’ve got four ports open here. Nothing unusual about port 22 — just SSH as normal. We can’t bruteforce that…

Read More Read More

Willow CTF — Write-up

Willow CTF — Write-up

TryHackMe Challenge Link: https://tryhackme.com/room/willow Willow is the third box I’ve written, but the second to be publicly released. The first two — Jack-Of-All-Trades and Year of the Rabbit — were both designed for specific events, but they will hopefully be released on TryHackMe in due course. This particular box was designed when I was in a very specific frame of mind, which is reflected in the slightly ethereal nature of the theme. Brownie points if anyone can identify where the…

Read More Read More

CherryBlossom CTF — Write-up

CherryBlossom CTF — Write-up

TryHackMe Challenge Link: https://tryhackme.com/room/cherryblossom CherryBlossom is my fourth CTF Challenge Box. It focuses heavily on cryptography and file manipulation, but also contains lateral movement and a privesc once the machine itself is compromised. Let’s begin. Initial Enumeration: We start, as always, with an nmap scan to see what services we have available to us: Three open ports, all standard. We have SSH running on Port 22 — there’s nothing we can do with this for now; not without at least…

Read More Read More

Bebop — Write-up

Bebop — Write-up

Challenge Link: https://tryhackme.com/room/bebop Bebop is a quick box that exemplifies exactly how insecure some drone operating systems are. This box shouldn’t take very long to root — it’s really not particularly challenging (which is slightly worrying given it’s based off real drone software). Of much more interest is the overarching concept: drone hacking. If you haven’t already watched the video embedded into the THM room, I would highly recommend it; it’s really interesting (and hilarious in places). I’ll include an…

Read More Read More

Madness — Write-up

Madness — Write-up

Challenge Link: https://tryhackme.com/room/madness Madness: the CTF Challenge from Optional that is true to its name. This room is infuriating; but all the more fun because of it. Madness is ranked as being easy, which is apt because as far as hacking techniques go, this box isn’t hugely difficult. In terms of puzzles, on the other hand… Well, let’s just say that Optional is an evil genius. If you would prefer to do the puzzles by yourself then I would suggest…

Read More Read More

LazyAdmin — Write-up

LazyAdmin — Write-up

Challenge Link: https://tryhackme.com/room/lazyadmin LazyAdmin is a Linux challenge box on TryHackMe. Written by MrSeth6797, this room is designed to be a relatively relaxed challenge to practice with. There is nothing particularly unusual or extreme about the LazyAdmin box — which is exactly how it should be for a gentle practice challenge. Let’s get started! Enumeration: The first stage of this challenge is, as normal, enumeration. We’ll start by running a pretty standard nmap scan to see what ports are open…

Read More Read More

Scroll Up