zacheller@home:~/blog$

  • 247/CTF - THE TEXT EDITOR JAIL

    Prompt We didn’t have time to setup and test a proper jail, so this text editor will have to do for now. Can you break free? Solution This one is a pretty simple escape. We are dropped into vim over a ttyd web terminal. In case anyone hasn’t seen it,...

  • Vulnhub - DC: 2

    Here’s a walkthrough for the second VM in the DC Vulnhub series. I keep the VMs I download from the internet on an internal network so as not to expose my home network. I clone my attacker VM and then add that to the internal network to begin pentesting. If...

  • 247/CTF - AN IMPOSSIBLE NUMBER

    Prompt Can you think of a number which at the same time is one more than itself? Solution We are given some C code for the backend. As the value range for an int in C is -2,147,483,648 to 2,147,483,647. The obvious answer is 2,147,483,647 because incrementing it would cause...

  • Malware Traffic Analysis Exercise - DYNACCOUNTIC

    This challenge is from MALWARE-TRAFFIC-ANALYSIS.NET. Download the PCAP ZIP yourself here. Check their about page for the password. Scenario Someone at Dynaccountic has infected their Windows computer. Your manager has tasked you to write an incident report. Here’s a brief outline of associated network traffic: LAN segment: 10.10.10.0/24 (10.10.10.0 through...