RTCP - Treeeeeeee

Posted on Sat. 25 January 2020 in CTF • Tagged with hack, learn, ctf, rtcp, rice, tea, cat, panda, forensic, general, cli, research

solves : 38

Point : 200

It appears that my cat has gotten itself stuck in a tree... It's really tall and I can't seem to reach it. Maybe you can throw a snake at the tree to find it?

Oh, you want to know what my cat looks like …


RTCP - Uwu?

Posted on Sat. 25 January 2020 in CTF • Tagged with hack, learn, ctf, rtcp, rice, tea, cat, panda, forensic, general, cli, research

solves : 401

Point : 125

ᵘʷᵘ oh no ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ hecc sorry guys ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ sorry im dropping ᵘʷᵘ my uwus all over the ᵘʷᵘ place ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ oh no I lost one ᵘʷᵘ ᵘʷᵘ ᵘʷᵘ …


Santhacklaus 2019 - Revmomon

Posted on Wed. 25 December 2019 in CTF • Tagged with hack, learn, ctf, santhacklaus, tls, tshark, wireshark, network, http, forensic, analysis

Suspicious activity has been detected. Probably nothing to be scared about but take a look anyway.

If you find anything, a backdoor, a malware or anything of this kind, flag is the sha256 of it.

Statistics

Measurement Captured
Packets 185701
Time span, s 653.730
Average pps 284.1
Average …


ECW - At your service

Posted on Fri. 22 November 2019 in CTF • Tagged with hack, learn, ctf, forensic, writeup, ecw, windows, service

At your service (150 points + ???)

Our internal IT team has developed an innovative tool to assist users in their daily tasks.

This tool has been deployed on some Windows workstations last months, but we strongly suspect that attackers have used it to gain administrator privileges on these machines.

The service …


ECW - Data exfiltration

Posted on Fri. 22 November 2019 in CTF • Tagged with hack, learn, ctf, forensic, writeup, network, protocol, tshark, awk, sed, ecw

File : extracted.pcap

Thanks to Killbit for finding the writeup and the two Python scripts!

Data exfiltration (50 points)

It seems that some sensitive information has been compromised. The supervision teams have captured suspicious traffic and stored it in the FTP server of the Harbour's Master Office Secure …


ECW - SIEM investigation

Posted on Fri. 22 November 2019 in CTF • Tagged with hack, learn, ctf, forensic, writeup, ecw, windows, service

SIEM investigation (100 points)

One of our employees, Robert, found a USB key on the harbour dock while walking around during his break and decided to connect it to his workstation. Being very curious, he decided to open files contained in the key. Unfortunately for him, one of the files …


ECW - TheMatrix

Posted on Sat. 19 October 2019 in CTF • Tagged with hack, learn, ctf, forensic, writeup, miscellaneous, python, jail, pyjail, ecw

The goal of a jail is to escape from it and reach the flag using only the functions, methods or other things available to us. This jail is written in Python 3, and we have to recover the flag with the access it leaves us.

ssh -p 10022 tete2soja@challenge-ecw.fr …


ECW - Puzzle

Posted on Wed. 16 October 2019 in CTF • Tagged with hack, learn, ctf, forensic, writeup, network, protocol, tshark, awk, sed, xdd, ecw

File : puzzle.pcap

GUI

SCADA/Modbus


Well, having (for now) no knowledge of Modbus or SCADA, we start by following the TCP stream (since this protocol runs over TCP) to get an overview of all the data that was recorded.

We also know that the flag follows this naming convention: ECW …



ECW - NTFS

Posted on Thu. 10 October 2019 in CTF • Tagged with hack, learn, ctf, forensic, writeup, ecw

For this challenge we get a file compressed with 7zip. We can therefore open it, but we are prompted for a password:

$ 7z e ntfs.7z 

7-Zip [64] 16.02 : Copyright (c) 1999-2016 Igor Pavlov : 2016-05-21
p7zip Version 16.02 (locale=fr_FR.UTF-8,Utf16=on,HugeFiles …


LeHack 19 - #ECSC Amok

Posted on Sun. 07 July 2019 in CTF • Tagged with hack, learn, ctf, lehack, encode, openssl, forensic

File : 103_spx.zip

ECSC# 103_spx
80 Points
You do forensics? Well then, you don't need a description, nah!

Url: https://static.wargame.rocks/103_spx.zip

Well, we don't have much text to help us. So we grab the archive and extract its contents.

$ unzip 103_spx.zip
Archive:  103_spx …
