JerseyCTF 2022 / web – apache-logs

Ulli Weichert/ April 10, 2022/ IT-Security, Write-Ups/ 0Kommentare

apache-logs Points: 100 An apache log file that contains recent traffic was pulled from a web server. There is suspicion that an external host was able to access a sensitive file accidentally placed in one of the company website’s directories. Someone’s getting fired… Identify the source IP address that was able to access the file by using the flag format:

Weiterlesen

JerseyCTF 2022 / osint – photo-op-spot

Ulli Weichert/ April 10, 2022/ IT-Security, Write-Ups/ 0Kommentare

photo-op-spot Points: 150 In three words tell me where I stood when I grabbed this picture. Solving Okay we got a picture from a strange tower… lets google for that picture. We’ll find quickly what we are looking for.. the tower is located in Seattle. Public Art "Transforest" Tourist attraction in Seattle, Washington Now we have to find the three

Weiterlesen

JerseyCTF 2022 / osint – dns-joke

Ulli Weichert/ April 10, 2022/ IT-Security, Write-Ups/ 0Kommentare

dns-joke Points: 100 Description A system administrator hasn’t smiled in days. Legend has it, there is a DNS joke hidden somewhere in www.jerseyctf.com. Can you help us find it to make our system administrator laugh? Solving To get the flag, check the dns entries of the www.jerseyctf.com subdomain. jerseyctf.com TXT @192.168.178.1 +short "jctf{DNS_J0k3s_t@k3_24_hrs}" This script will help you get the

Weiterlesen

JerseyCTF 2022 / mist – root-me

Ulli Weichert/ April 10, 2022/ IT-Security, Write-Ups/ 0Kommentare

root-me Points: 400 SSH into the challenge host, 0.cloud.chals.io on port 19777 Username: ubuntu Password: jctf2022! Find the flag Solving We have login credentials for a server… so let’s dive in: ssh ubuntu@0.cloud.chals.io -p 19777 Okay… first we check sudo permissions, therefore just use sudo -l, but we don’t have any permissions. So let’s look for some other quickwins, shall

Weiterlesen

JerseyCTF 2022 / forensics – speedy-at-midi

Ulli Weichert/ April 10, 2022/ IT-Security, Write-Ups/ 0Kommentare

speedy-at-midi Points: 150 Your partner-in-crime gets a hold of a MIDI file, riff.mid, which intelligence officials claim to contain confidential information. He has tried opening it in VLC Media Player, but it sounds just like the piano riff in riff.mp3. Can you find the right tool to extract the hidden data? Solving Downloaded the files Looked at it wit sonic

Weiterlesen

JerseyCTF 2022 / forensics – recent-memory

Ulli Weichert/ April 10, 2022/ IT-Security, Write-Ups/ 0Kommentare

recent-memory Points: 250 Use the memory image in the Google drive link below. An attacker left behind some evidence in the network connections. Follow the attacker’s tracks to find the flag. https://drive.google.com/drive/folders/1ubSx3pwHOSZ9oCShHBPToVdHjTev7hXL Solving Okay let’s analyze the memory file, I will use volitality3 for this. With this command we can get all net sessions stored in the memory. python vol.py

Weiterlesen

JerseyCTF 2022 / forensics – data-backup

Ulli Weichert/ April 10, 2022/ IT-Security, Write-Ups/ 0Kommentare

data-backup Points: 250 The backup of our data was somehow corrupted. Recover the data and be rewarded with a flag. Solving My first attempt is to restore the file from the backup with foremost or binwalk -e. So I tried it with binwalk and got some files. Also a PDF file, that contains the flag. jctf{fun_w17h_m461c_by735}