This box starts off with a web application that offers dotnet building services. Reconnaissance We find that the login page uses metabase, which is an open source business intelligence tool tha...
This box starts off with a web application that offers dotnet building services. Reconnaissance Nothing special in the nmap scan. # Nmap 7.93 scan initiated Wed Oct 4 17:07:47 2023 as: nmap -...
This is a fairly new challenge at the time of creating this write-up with only around 200 solves and no active write-ups. The challenge starts of with a webpage that renders template (.tpl) files ...
This box starts off with a web application that offers hosting services. Reconnaissance $ nmap -sC -sV -oN nmap_result 10.10.11.230 Starting Nmap 7.93 ( https://nmap.org ) at 2023-09-08 11:59 C...
This machine starts off with a webpage that contains a series of cat pictures. Reconnaissance The standard Nmap scan that I normally ran, only scans the most common ports. For this box using th...
This box starts off with a web service that creates a basket that collects and inspects HTTP requests, it is accessible through a REST API or a web UI. Reconnaissance # Nmap 7.93 scan initiated W...
Hey, do a flip! We get the source code to a machine we can connect via netcat on port 1337. Reconnaissance Source Code import socketserver import socket, os from Crypto.Cipher import AES fro...
This box starts off with a website of a Secret Spy Agency. This website has an about page where you can encrypt and decrypt messages via pgp keys. Enumeration # Nmap 7.93 scan initiated Mon Jun 1...
This is a CTF hosted for Nahamcon. Web Star Wars - Medium We have a webpage with a blog post with a star wars theme. We can click the only blog post this blog has. We can post a comment that a...
Knock knock! Race condition. Who’s there? In the home directories of Walk, Run and Sprint you will find a vulnerable SUID binary, the C source code and a flag. Your task is to exploit the b...
A new version of content is available.