BSides-Jeddah-CTF Writeup to the BSides Jeddah CTF – 2021 Situation – BSides Jeddah BSides Jeddah is coming up with a blueteam flavored CTF this year hosted by CyberDefenders. This will be a Jeopardy-style intermediate CTF with a few harder challenges, including network analysis, memory forensics and malicious document analysis. To get the latest updates, follow us on twitter @JeddahBsides ,
Useful payloads Here are some valuable payloads for both Linux & Windows command injection on a vulnerable web-application. Feel free! Linux Payload Description whoami See what user the application is running under. ls List the contents of the current directory. You may be able to find files such as configuration files, environment files (tokens and application keys), and many more
Poor MEGAN! Points 20 Description Oh, NO! Poor Megan! She’s just been bitten by a ZOMBIE! We can save her if we act fast, but the formula for the antidote has been scrambled somehow. Figure out how to unscramble the formula to save Megan from certain zombification. Enter the answer as flag{here-is-the-answer}. The formula for the antidote: j2rXjx9dkhW9eLKsnMR9cLDVjh/9dwz1QfGXm+b9=wKslL1Zpb45 Getting the
Password Insecurities Points 50 Description It looks like DEADFACE is going after the password of one of De Monne’s customers: Haily Poutress. She has since changed her password, but De Monne is looking for ways to improve password requirements. De Monne would like you to crack the password from the database leak to determine if Haily’s password was secure enough.
Blood Bash 4 Points 200 Description A sensitive file from De Monne was exfiltrated by mort1cia. It contains data relating to a new web portal they’re creating for their consumers. Read the contents of the file and return the flag as flag{flag_goes_here}. Username: bl0ody_mary Password: d34df4c3 bloodbash.deadface.io:22 Get the flag We find a sus file in the homedirectory of the
All A-Loan Points 375 Description De Monne has reason to believe that DEADFACE will target loans issued by employees in California. It only makes sense that they’ll then target the city with the highest dollar value of loans issued. Which city in California has the most money in outstanding Small Business loans? Submit the city and dollar value as the
El Paso Points 250 Description The regional manager for the El Paso branch of De Monne Financial is afraid his customers might be targeted for further attacks. He would like you to find out the dollar value of all outstanding loan balances issued by employees who live in El Paso. Submit the flag as flag{$#,###.##}. Use the MySQL database dump
Boom Point 100 Description DEADFACE actors will be targeting customers they consider low-hanging fruit. Check out Ghost Town and see who they are targeting. Submit the number of target candidates as the flag: flag{#} Use the MySQL database dump from Body Count. Hint Link to discussion DEADFACE Member https://ghosttown.deadface.io/t/who-are-we-hitting-first/60/10 Getting the flag They are targeting boomer generation (1946-1964) Now lets
City Lights Points 40 Description De Monne wants to know how many branch offices were included in the database leak. This can be found by figuring out how many unique cities the employees live in. Submit the flag as flag{#}. Use the MySQL database dump from Body Count. Get the flag To get this flag use this statement: select count(distinct(city))
Keys Points 20 Description One of De Monne’s database engineers is having issues rebuilding the production database. He wants to know the name of one of the foreign keys on the loans database table. Submit one foreign key name as the flag: flag{foreign-key-name} (can be ANY foreign key). Use the MySQL database dump from Body Count. Getting the flag Just