zacheller@home:~/blog$

  • pwnable.kr - blukat

    Prompt Sometimes, pwnable is strange… hint: if this challenge is hard, you are a skilled player. ssh blukat@pwnable.kr -p2222 (pw: guest) Solution blukat@pwnable:~$ ls blukat blukat.c password blukat@pwnable:~$ cat blukat.c #include <stdio.h> #include <string.h> #include <stdlib.h> #include <fcntl.h> char flag[100]; char password[100]; char* key = "3\rG[S/%\x1c\x1d#0?\rIS\x0f\x1c\x1d\x18;,4\x1b\x00\x1bp;5\x0b\x1b\x08\x45+"; void calc_flag(char* s){ int...

  • TryHackMe - Web Fundamentals

    Room: Web Fundamentals This room is designed as a basic intro to how the web works. Mini CTF There’s a web server running on http://10.10.32.23:8081. Connect to it and get the flags! GET request. Make a GET request to the web server with path /ctf/get curl http://10.10.32.23:8081/ctf/get POST request. Make...

  • TryHackMe - ToolsRUs

    This is a writeup to the ToolsRus Room on TryHackMe.com. The goal is to practice using dirbuster, hydra, nmap, nikto and metasploit. The challenge is to use the tools to enumerate a server, gathering information along the way that will eventually lead to you taking over the machine. What directory...

  • picoCTF 2020 Mini-Competition - Pitter, Patter, Platters

    Challenge Description ‘Suspicious’ is written all over this disk image. Download suspicious.dd.sda1. Hints It may help to analyze this image in multiple ways: as a blob, and as an actual mounted disk. Have you heard of slack space? There is a certain set of tools that now come with Ubuntu...