Friends Bielsa: ‚Everything is allowed, except stop fighting‘ Given was this image: Todos Like always – I check strings and exiftools and the file itself! But no command give us something. $ ~ # file messi.jpg messi.jpg: JPEG image data, JFIF standard 1.01, aspect ratio, density 1×1, segment length 16, baseline, precision 8, 720×628, components 3 exiftool messi.jpg > messi.jpg_exifdata
Password Insecurities Points 50 Description It looks like DEADFACE is going after the password of one of De Monne’s customers: Haily Poutress. She has since changed her password, but De Monne is looking for ways to improve password requirements. De Monne would like you to crack the password from the database leak to determine if Haily’s password was secure enough.
Blood Bash 4 Points 200 Description A sensitive file from De Monne was exfiltrated by mort1cia. It contains data relating to a new web portal they’re creating for their consumers. Read the contents of the file and return the flag as flag{flag_goes_here}. Username: bl0ody_mary Password: d34df4c3 bloodbash.deadface.io:22 Get the flag We find a sus file in the homedirectory of the
All A-Loan Points 375 Description De Monne has reason to believe that DEADFACE will target loans issued by employees in California. It only makes sense that they’ll then target the city with the highest dollar value of loans issued. Which city in California has the most money in outstanding Small Business loans? Submit the city and dollar value as the
El Paso Points 250 Description The regional manager for the El Paso branch of De Monne Financial is afraid his customers might be targeted for further attacks. He would like you to find out the dollar value of all outstanding loan balances issued by employees who live in El Paso. Submit the flag as flag{$#,###.##}. Use the MySQL database dump
Boom Point 100 Description DEADFACE actors will be targeting customers they consider low-hanging fruit. Check out Ghost Town and see who they are targeting. Submit the number of target candidates as the flag: flag{#} Use the MySQL database dump from Body Count. Hint Link to discussion DEADFACE Member https://ghosttown.deadface.io/t/who-are-we-hitting-first/60/10 Getting the flag They are targeting boomer generation (1946-1964) Now lets
City Lights Points 40 Description De Monne wants to know how many branch offices were included in the database leak. This can be found by figuring out how many unique cities the employees live in. Submit the flag as flag{#}. Use the MySQL database dump from Body Count. Get the flag To get this flag use this statement: select count(distinct(city))
Keys Points 20 Description One of De Monne’s database engineers is having issues rebuilding the production database. He wants to know the name of one of the foreign keys on the loans database table. Submit one foreign key name as the flag: flag{foreign-key-name} (can be ANY foreign key). Use the MySQL database dump from Body Count. Getting the flag Just
Body Count Points 10 Task Description One of our employees, Jimmie Castora, kept database backups on his computer. DEADFACE compromised his computer and leaked a portion of the database. Can you figure out how many customers are in the database? We want to get ahead of this and inform our customers of the breach. Submit the flag as flag{#}. For
Umgang mit Passwörtern im Allgemeinen Passwörter, ein notwendiges Übel und häufig der einzige Schutz vor dem Zugriff auf die eigene Identität (facebook) oder andere Services. Nun kommt es aber vor, dass wir Administratoren mal Passwörter und Benutzernamen austauschen müssen. Häufig auch für mehrere Benutzer. Weiter muss man sich dann noch die Frage stellen, wie man die Passwörter und Benutzernamen sicher