Posts tagged with "Infosec"

IceCTF 2016 Writeups

Over the past couple of weeks, I participated in an Icelandic capture the flag competition, hosted by IceCTF. The challenges ranged from very easy to quite difficult. I managed to solve about a dozen or so challenges, so this post will be quite long.

Vape Nation - Stego 50pts.

Description: Go Green! vape_nation.png

For this challenge you were given a .png image (seen below).

Image

To find the flag, I used a nifty program called StegSolve. From there, I played around with some of the analysis options until I found the flag using the “Green plane 0” setting.

infosec offsec ctf

Trend Micro CTF 2016 Writeups

Misc./IoT - 100 pts.

Description

Category: Misc(iot and network)
Points: 100
Please analyze this pcap.
Decrypt the downloaded file by the following command.

 $ unzip files21.zip
 $ openssl enc -d -aes-256-cbc -k gcCbBJN5pIHiL8JiJ8Xj -in files21.enc -out files21_ok.zip
 $ unzip files21_ok.zip

After opening the file in wireshark, it seems that we are viewing the history of someone interacting with a machine using telnet. They attempt to login using default credentials like admin/admin, and finally succeed using an account called “reds”. They then start to check things like users on the machine, disk space, and network connectivity. Eventually, we get to some ESP packets that were sent along an encrypted tunnel.

infosec offsec ctf

sCTF 2016 Writeups

Over the past week, I participated in an online jeopardy-based CTF competition hosted by sCTF. While sCTF is primarily aimed at high school students interested in hacking and infosec, they allowed other competitors to participate for fun. I was surprised at the overall level of difficulty that the challenges offered! Below are a few quick write-ups for the challenges I completed.

rev1

This was the first reverse engineering problem. You were given a binary file, called rev1. Running the binary gives you this:

infosec offsec ctf