Categories
Computing Hacking & CTF

CTF – Irish-Name-Repo 1-3

We’re going to look at the 3 ‘Irish Name Repo’ hacking challenges supplied by PicoCTF. All three challenges are broken down below, so you can see how the solution develops. Irish Name Repo 1 This is a 300 point Web Exploitation hacking challenge. This is what we’re provided with: AUTHOR:┬áCHRIS HENSLER Description There is a […]

Categories
Computing Hacking & CTF

THM – Blue CTF Room

This CTF challenge room is hosted by the team over at TryHackMe; it’ll take us from Recon, through exploitation and privilege escalation of the Windows box, then flag finding. We’ll be using nmap, Metasploit, EternalBlue payloads, system registries, hashdump and several other components. The room’s description is ‘Deploy & hack into a Windows machine, leveraging […]

Categories
Computing Hacking & CTF

CTF – mus1c Challenge

This PicoCTF general skills challenge was a bit of a weird one. You’ll either know what to do straight away, or have very little to go on. I was the latter. If you’ve delt with esolangs before… you’re probaby one step ahead of me. Valued at 300 points, you’re given a small lyrics txt file […]

Categories
Computing Hacking & CTF

CTF – Web Gauntlet 3

Another quick writeup of a CTF hacking challenge, hosted by PicoCTF. This challenge Web Gauntlet 3, is an injection attack. I believe the payload for this challenge actually works for the previous two challenges as well, Web Gauntlet 1 and Web Gauntlet 2. The hacking challenge AUTHOR: MADSTACKS Description Last time, I promise! Only 25 […]

Categories
Hacking & CTF Linux

CTF – Vulnveristy Privilege Escalation

Task 5 of TryHackMe’s Vulnversity CTF room is Privilege Escalation. Previously we comprimsed the web server by uploading a reverse-shell payload in a PHTML file. Now we’ve got a foot hold on the box, can we achieve root level access? Task 5 – Privilege Escalation Our task; now you have compromised this machine, we are […]

Categories
Computing Hacking & CTF jQuery & JavaScript

CTF – Java Script Kiddie

Even though I know some Javascript, this 400 point web-exploitation hacking challenge from PicoCTF proved to be a difficult for me. Thankfully with my forensic background I was well aware of important elements of this challenge, such as hex, bytes and file signatures. Saying that, it still took a few hours from starting the Java […]