JerseyCTF 2022 / forensics – speedy-at-midi

Ulli Weichert / April 10, 2022 / IT-Security, Write-Ups / 0 Comments

speedy-at-midi Points: 150 Your partner-in-crime gets a hold of a MIDI file, riff.mid, which intelligence officials claim to contain confidential information. He has tried opening it in VLC Media Player, but it sounds just like the piano riff in riff.mp3. Can you find the right tool to extract the hidden data? Solving Downloaded the files Looked at it with sonic

Read more

JerseyCTF 2022 / forensics – recent-memory

Ulli Weichert / April 10, 2022 / IT-Security, Write-Ups / 0 Comments

recent-memory Points: 250 Use the memory image in the Google drive link below. An attacker left behind some evidence in the network connections. Follow the attacker’s tracks to find the flag. https://drive.google.com/drive/folders/1ubSx3pwHOSZ9oCShHBPToVdHjTev7hXL Solving Okay, let’s analyze the memory file. I will use Volatility 3 for this. With this command we can get all net sessions stored in the memory. python vol.py

Read more

JerseyCTF 2022 / crypto – would-you-wordle

Ulli Weichert / April 10, 2022 / IT-Security, Write-Ups / 0 Comments

would-you-wordle Points: 250 Someone left this secret text string and unfinished Wordle. Can you put them together to get the flag? pUpPHg3KfB15MG2KGtQQMDEECPOF8oa3VA== Solving Okay, let’s have a look at it. The hint tells us something about "Ron’s code". This should be RC4 according to this: RC4 (for "Ron’s Code 4") is a stream cipher developed by Ronald L. Rivest in

Read more

picoCTF 2022: web – SQLiLite

Ulli Weichert / April 7, 2022 / IT-Security, Write-Ups / 0 Comments

SQLiLite Description Can you login to this website? Try to login here. Solving Connecting to the website gives us a login form. Assuming an SQL injection (given the title of the task), we try to log in with ' or 1=1-- for username and password. This works… the flag should be in plain sight… okay then the source code or selecting everything again…

Read more

picoCTF 2022: web – SQL Direct

Ulli Weichert / April 7, 2022 / IT-Security, Write-Ups / 0 Comments

SQL Direct Description Connect to this PostgreSQL server and find the flag! The connection settings could be different on your side. psql -h saturn.picoctf.net -p 59911 -U postgres pico Password is 'postgres' Solving With the given connection string we can log into the Postgres database. There we just need to 'SELECT' what we want. With '\l' you can list the databases and

Read more