CTFlearn Easy

Sorted all challenges by difficult so that I could attempt and learn from the easier ones.

Easy

Misc

Practice Flag - 20pts

Try inputting the flag: flag{CTFLearn_is_awesome}

  • Submitted: CTFLearn{CTFLearn_is_awesome}

Wikipedia - 30pts

Not much to go off here, but it�s all you need: Wikipedia and 128.125.52.138.

  • Navigated to wikipedia site https://www.wikipedia.org/
  • Searched for 128.125.52.138 and found page on Flag. Searched within page for CTF and found reference to CTF flgs
  • Submitted: CTFlearn{cNi76bV2IVERlh97hP}

QR Code - 30pts

Do you remember something known as QR Code? Simple. Here for you :
https://mega.nz/#!eGYlFa5Z!8mbiqg3kosk93qJCP-DBxIilHH2rf7iIVY-kpwyrx-0

[Read More]

QUT Whitehats CTF Misc Challenges

Misc Challenges

This blog page is for the Misc challenges on the CTF page and is likely to be updated as the new challenges are added to the CTF.

WARNING: Like all my CTF notes, this contains spoilers.

Chuck Norris - 30pts

It’s Chuck Norris

flag syntax: flag{insertflaghere}

  • Downloaded the chuck.pcap file from https://ctf.qutwhitehats.club/files/06159f05f2fec53ca602559bf422cd30/chuck.pcap?token=eyJ1c2VyX2lkIjoxMCwidGVhbV9pZCI6bnVsbCwiZmlsZV9pZCI6Mn0.XosP0g.C-a6_prdNYuWZMKwJ_KZHrF7UE4
  • Opened the file in wireshark
  • Manually reviewed the conversations, Statistics -> Conversations
  • Noticed single conversation with internal host 10.0.85.10, all other conversations were to external hosts, i.e. not the reversed ranged
  • Applied as filter ip.addr==10.0.75.102 && ip.addr==10.0.85.10
  • Manually reviewed the HTTP response data
  • Found: Hey this is a flag FLAG-GehFMsqCeNvof5szVpB2Dmjx
  • Submitted: flag{FLAG-GehFMsqCeNvof5szVpB2Dmjx}

Mr_Elliot - 100pts

Bonsoir Elliot

[Read More]

UQ Cyber Squad 0x03 Shells

Introduction

0x03 Shells session presented by the UQ Cyber Squad. Access via OpenVPN connection. OpenVPN configuration bundle provided during the workshop.

Challenge 1 - Family Binding Time - 10pts

Let’s bind together at 192.168.57.11:8297

nc 192.168.57.11 8297
id
uid=1002(user) gid=1002(user) groups=1002(user)
pwd
/home/user
ls -las
total 60
 4 drwxr-xr-x 3 user    user  4096 Mar 27 06:02 .
 4 drwxr-xr-x 4 root    root  4096 Mar 24 02:13 ..
 4 -rw------- 1 user    user  1584 Mar 26 01:26 .bash_history
 4 -rw------- 1 user    user   105 Mar 26 00:50 .lesshst
 4 -rw------- 1 user    user     5 Mar 24 03:38 .python_history
 4 drwxr-xr-x 2 user    user  4096 Mar 26 00:59 .ssh
 8 -rw------- 1 user    user  5066 Mar 27 06:01 .viminfo
 4 -r-xr-xr-x 1 root    user   892 Mar 27 06:02 init_shell.py
20 -rwsr-xr-x 1 richard root 16728 Mar 26 00:54 read_secret_message
 4 -rw-r--r-- 1 user    user    24 Mar 24 02:14 user.txt
cat user.txt	
flag{n1c3_b0nd1ng_t1m3}

Challenge 2 - shhhhhhhh - 20pts

How do I ssshhhhh? How do I know how to?

[Read More]
ctf  uq  less  ssh  nc  netcat  suid  shell  bash 

Over the Wire - Wargames - Bandit

Introduction

Details about the challenges may be found at https://overthewire.org/wargames/bandit/. The game is played over SSH over port 2220 so firewalls may need to be adjusted to allow outbound traffic to connect to the game. The game has 34 levels. The levels are chained, so that to get to the next level you need to complete/finish/beat the previous level.

WARNING: These are my own notes and contain actual flags.

Bandit Level 0

Level Goal

The goal of this level is for you to log into the game using SSH. The host to which you need to connect is bandit.labs.overthewire.org, on port 2220. The username is bandit0 and the password is bandit0. Once logged in, go to the Level 1 page to find out how to beat Level 1.

[Read More]

UQ Cyber Squad 0x01 Intro to Linux, Machines, and Networking

Introduction

Found the UQ Cyber Squad site at https://cybersquad.uqcloud.net/index.html. Signed up for their CTF on https://ctf.uqcloud.net/

0x01 Introduction to Linux

This was identical to the QUT Whitehats Week 2 for challenges 1 through to 8. The writeup was already done at https://kush.com.fj/blog/posts/2020-02-28_qut_wh_wk2/.

No place like index.html - 10pts

There’s no clues or hints for this but it was pretty obvious.

  • Navigated to https://cybersquad.uqcloud.net/index.html
  • Manually reviewed the page source and searched for flag
  • Found flag on line #30 of the source
  • Submitted: flag{w0ah_n1c3_f1nd}

Machines

The machines challenges were named machines because they provided virtual machines for a traditional boot-to-root.

[Read More]

QUT Whitehats CTF Week_3

Week_3

WARNING: Like all my CTF notes, this contains spoilers.

3x01 - 10pts

https://crypto.qutwhitehats.club/ch1

For simplicity sake, to be able to easily attempt this weeks challenges, please navigate to: https://www.katacoda.com/0xollie/scenarios/0x01 sign up/sign in and click onto the terminal.

INPUT: apt install httpie -y wait approx 1 minute for it to install.

obtain ciphertext by running the following command: http get https://crypto.qutwhitehats.club/ch1

To input an answer run the following command: http post https://crypto.qutwhitehats.club/ch1 answer=“answerhere”

[Read More]

QUT Whitehats CTF Week_2

Week_2

I spent a good 10 minutes trying to figure out the challenges before reaching for help. Eventually was told that the challenge location was “on the end of our slide deck is a link to katacode, thats where Olliver is doing his Challenges https://www.katacoda.com/0xollie/scenarios/0x01"

Signed up for Katacoda and nativated to the URL.

WARNING: Like all my CTF notes, this contains spoilers.

Challenge 1 - Normal files - 10pts

These are just regular files flag syntax: flag{insert_flag_here}

[Read More]
ctf  qut  whitehats 

QUT Whitehats CTF Week_1

Week_1

WARNING: Like all my CTF notes, this contains spoilers.

How_2_Flag - 0 pts

For our CTF challenges this year we will be using the format: flag-{example_flag} Please note that all flags are case-sensitive!

  • Submitted: flag-{example_flag}

Community - 5 pts

Have you joined our discord server yet? https://discord.gg/kRbcVnP

  • Joined discordapp
  • Clicked on Add a server
  • Used the URL in the challenge
  • Checked #flag channel
  • Submitted: flag-{welcome_1337_haxor}

Stay_Informed - 10 pts

Our website - https://qutwhitehats.club is a vast treasure trove of information. Have a look and see if you can find the hidden flag!

[Read More]
ctf  qut  whitehats 

AWSN Cadet CTF

Introduction

I was fortunate enough at attend an Australian Women in Security Networ (AWSN) session. Following the session there was a beginner level capture the flag (CTF) hosted off http://149.28.182.32:8000. These are my notes from the CTF. Additional things to note are, firstly, that for the Web challenges, challenge 4 is called flag5, and challenge 5 references flag4. Secondly, the submission for the Cryptography password challenge expects the flag in the format flag{flag_value}. Finally, the notes below contain spoilers, and actual flags submitted.

[Read More]

JCSC Incident Response - Brisbane CTF

Introduction

I was fortunate enough to attend a JCSC Incident Response training sessions today in Brisbane. Even more fortunate since Yaleman allowed me to join his team. The incident response scenario was that of responding to an incident for the Wind in case of no daylight (WIND) corporation where an information security incident appears to have occurred and a wind turbine has stopped operating.

We were provided some artefacts to perform analysis on and submit responses to to get points for the CTF. I had never used volatility, so the exercise provides an excellent opportunity to learn to use volatility.

[Read More]