There is no excerpt because this is a protected post.
Protected: HTB – Escape writeup
Category: Writeup
HTB – Stocker Writeup
Recon Nmap Directory listing The web app Exploit Auth Bypass PDF Injection The following is the request that was done to puchase an Axe A quick google search lead me here : https://www.triskelelabs.com/blog/extracting-your-aws-access-keys-through-a-pdf-file Maybe we can get info from the Database Let’s see if I can find any interesting files […]
Tenable CTF – ContinuuOS writeup
I had time to do a couple challenges for this event. This one was the one I enjoyed the most and since it includes two different techniques, I decided to do a writeup. Enjoy The flag is the SSH key for user operations. ContinuuOS is a web application running under […]
cyber.gouv.qc.ca CTF1 Writeup
The Quebec Gouvernment launched a CTF platform with only a link as information.The link is https://www.cyber.gouv.qc.ca/ctf/ctf1.enc I tried a lot decoding tools, algorithms and even created a script to count the number of repetitive sequences in a large string. Finally I had an idea. Looking at the last password we […]
Metasploit Community CTF Writeup
Everybody into IT Security knows about The Metasploit Framework from Rapid7. This weekend I had the chance to attend their own CTF event partnered with THM. This is a HackQuest CTF where teams have to pentest a machine running several services on ports up to 35000. Access & Enumeration We […]
CyberSecurityRumble 2021 – Result Writeup
Open the attached file, we see an email that was to a student. So what we have so far : The name of the student : Hans Deutshmeister The password is your personal zipcode A base64 string which is the PDF file First thing I did was decode the base64 […]
CyberSecurityRumble 2021 – Biometric Vault Writeup
Clicking the Challenge link brought me to this website. We will have to provide a facial picture, A full name and a voice sample. At this point anything I tried did not work. I started digging further into the website source code. Time to try to log as Helena! I […]
HTB – Knife Writeup
Nmap reveals ssh on port 22 and a website on port 80. I found a nice exploit on GitHub that will provide a reverse shell. Let’s start a listener. Time for escalation. Enumeration didn’t take long 😉 This should be fairly easy! Done!!! Rooted!
HTB – Cap Writeup
Nmap reveals FTP, SSH and HTTP. I couldn’t log successfully on FTP so went to the website. The pcap had nothing really interesting. Going back to the website and looking at the URL http://10.10.10.245/data/1 I wondered what was at /data/0. It seems like an older report. I downloaded it. After […]
HTB – Antique Writeup
Nmap reveals telnet port which seems to be a remote management endpoint for JetDirect printer. Let’s try it! I’m gonna need to find the password for this… After a while I found this blog post showing how to exploit by “Getting a JetDirect password remotely using the SNMP vulnerability“. I’ll […]