zacheller@home:~/blog$

  • TryHackMe - Overpass 2

    Forensics - Analyze the PCAP First, I downloaded the PCAP and opened it in Wireshark. Several packets jumped out due to their info containing: POST /development/upload.php HTTP/1.1. To find the actual payload, I exported the HTTP object of upload.php in packet 14: -----------------------------1809049028579987031515260006 Content-Disposition: form-data; name="fileToUpload"; filename="payload.php" Content-Type: application/x-php <?php...

  • TryHackMe - Advent of Cyber 2020

    I finished the 25 challenges for the 2020 Advent of Cyber Competition. It was a fun series, though pretty easy. I appreciate that it got me working on TryHackMe every day.

  • TryHackMe - Anthem

    This is a simple box that doesn’t require actual exploitation, located [here](https://tryhackme.com/room/anthem). Website Analysis Run a basic nmap <ip> to discover a website on port 80 and an RDP service on port 3389. Check /robots.txt to find a password and some “hidden” directories: /bin, /config, /umbraco, /umbraco_client. Be sure...

  • KringleCon 2020 CTF

    I spent some time in KringleCon this year. There were some unique challenges, and I had a good time. Here are some of my solutions. Objectives Uncover Santa’s Gift List Q: There is a photo of Santa’s Desk on that billboard with his personal gift list. What gift is Santa...