Ischyr's blog

Archives · 2021

Home

About

Archives

loading..
CTF

Unbreakable Team

Unbr Team1st place at Junior Category and 5 GlobalWriteupmexican-specialties(50): SteganographyProof of FlagCTF{SISENIORILOVETACOBELLVERYVERYMUCH} SummaryWe get a image with a list of numbers that appear to be randomly at the first sight. Proof of SolvingIn this case I got the numbers manually because the string is not that big but it is preferable to..

Read more
loading..
Pentesting

ROCSC KOTH

- Tomato -Information GatheringNMAP command used: ( scanning for all the ports fast and efficient) sudo nmap -p- -sS --min-rate 5000 --open -T5 -vvv -Pn 164.90.170.107 -oG nmap/allPorts command used: ( scanning the ports we got ) nmap -A -sC -sV -p22,1592,3479,5824 164.90.170.107 -Pn Host is up (0.096s latency). PORT STATE SERVICE VERSION 22&#..

Read more
loading..
HackTheBoxMediumPentesting

Seal

Information GatheringNMAP command used: ( scanning for all the ports fast and efficient) sudo nmap -p- -sS --min-rate 5000 --open -T5 -vvv 10.10.10.250 -oG nmap/allPorts --defeat-rst-ratelimit command used: ( scanning the ports we got ) nmap -A -sC -sV -p22,443,8080 10.10.11.105 -Pn -oA nmap/full_scan -> All ports scan: Reason: 65529 rese..

Read more
loading..
HackTheBoxMediumPentesting

Secret

Information GatheringNMAP command used: ( scanning for all the ports fast and efficient) sudo nmap -p- -sS --min-rate 5000 --open -T5 -vvv 10.10.11.120 -oG nmap/allPorts --defeat-rst-ratelimit command used: ( scanning the ports we got ) nmap -A -sC -sV -p22,80,3000 10.10.11.120 -Pn -oA nmap/full_scan -> All ports scan: Not shown: 65454 clo..

Read more
loading..
CTF

ROCSC

ROCSC 2021Writeupcan-you-jump(210): PwnProof of FlagCTF{70dd83585c9e2656c8a391b7dbc1f28e8d40a98067fdb56adfb69b8e509481df} SummaryWe get a 64-bit executable, not stripped which we need to pwn.After some analysis we see that just NX is enabled so we can’t use shellcode for this exploit. After running the program we can see that it’s leaking a printf() ad..

Read more
loading..
HackTheBoxPentestingEasy

Horizontall

Information GatheringNMAP command used: ( scanning for all the ports fast and efficient) sudo nmap -p- -sS --min-rate 5000 --open -T5 -vvv -Pn 10.10.11.105 -oG nmap/allPorts command used: ( scanning the ports we got ) nmap -A -sC -sV -p22,80 10.10.11.105 -Pn -oA nmap/full_scan -> All ports scan: Not shown: 65527 closed ports, 6 filtered po..

Read more