Write-Up nn9ed CTF – Moon Casino

Descripción Our casino is under construction. Warm up yourself with this easy challenge! http://casino.nn9ed.ka0labs.org/ Write-up Cuando entramos en la web vemos lo siguiente: Como a simple vista solo tenemos una imagen de la luna, hacemos Ctrl+U para echarle un vistazo al código fuente: Destaca el comentario, con el que averiguamos que existe el atributo source […]

Read more
Hack The Box: Fortune

Fortune is a just retired Insane rated box which is actually my first owned machine in this range of difficulty and it ended up being easier than I expected. In my opinion, this box was perfectly designed and it was an awesome ride from start to finish, very enjoyable. This is an OpenBDS box that […]

Read more
Write-Up Google CTF – “Malvertising”

Description Unravel the layers of malvertising to uncover the Flag.https://malvertising.web.ctfcompetition.com Analysis We’re given the webpage of the link above. When we read the source, an iframe to ads/ad.html appears. Clicking it, we notice the file src/metrics.js, which is, not only minimized, but completely obfuscated. Procedure Stage 1 After a few hours of cleaning the code, […]

Read more
Write-Up INS’HACK2019 – “hell_of_a_jail”

Description A guy from FBI found about your Ruby programming activities and has put you inside a python Jail ! Find your way out!ssh -i -p 2222 user@hell-of-a-jail.ctf.insecurity-insa.frTo find your keyfile, look into your profile on this website.Category: pwn Analysis Once we connect through ssh, we see the following: So it’s a Python jail. We’re […]

Read more
Write-Up INS’HACK2019 – Ropberry

Description You hack this guy on challenge called gimme-your-shell, but he is still always asking me the same question when I try to find his secret. Maybe you can do something.He is waiting for you at: ssh -i <your_keyfile> -p 2226 user@ropberry.ctf.insecurity-insa.fr To find your keyfile, look into your profile on this website.Category: pwnFile: here Analysis This challenge […]

Read more