CTF: Jarbas 1 – vulnhub CTF walkthrough

VM: Jarbas 1
Author: Tiago Tavares (vulnhub) @tiagotvrs (twitter)
Series: Jarbas
Difficulty: Beginner/Intermediate
Privilege Escalation: Beginner/Intermediate*
Target IP: 192.168.1.112

This is a walkthrough on the CTF called Jarbas uploaded to vulnhub. *I’m not sure whether this is to be classified as Intermediate or beginner but it has its own twist on the way of getting a shell due to the lack of nc on the target (probably it’s a bit more into the beginner category).
Continue reading “CTF: Jarbas 1 – vulnhub CTF walkthrough”

DNS Cache Posionning and things to remember

As I stumbled on several occasions where DNS Cache Poisoning is properly done but not working out as expected I’m writing the present short article as a reminder for anyone wondering why DNS Cache Poisoning is not working (and for my own reference as well, it’s always great to keep a jewelry box with some small details that could sink a great ship). Continue reading “DNS Cache Posionning and things to remember”

CTF: Pinky’s Palace v2 (HARD) – vulnhub CTF walkthrough

VM: Pinky’s Palace v2
Author: Pink_Panther (vulnhub) @Pink_P4nther​​ (twitter)
Series: Pinky’s Palace
Difficulty: Beginner/Intermediate
Privilege Escalation: Intermediate/Highly Advanced*
Target IP: 10.0.0.5
Target host: pinkydb

* requires reverse engineering techniques to escalate privileges
Continue reading “CTF: Pinky’s Palace v2 (HARD) – vulnhub CTF walkthrough”

CTF: Brainpan 1 CTF walkthrough – Introduction to exploit development (Part II)

Part I: Brainpan 1 CTF walkthrough – Introduction to exploit development

Phase #5: Getting a stable shell

As it can be seen from the screenshot, an unexpected event has happened – we are actually provided a windows prompt, however the overall file structure seems to be linux-like: Continue reading “CTF: Brainpan 1 CTF walkthrough – Introduction to exploit development (Part II)”

CTF: Brainpan 1 CTF walkthrough – Introduction to exploit development (Part I)

VM: https://www.vulnhub.com/entry/brainpan-1,51/
Difficulty: Beginner/Intermediate
IP: 172.16.253.130 (arp-scan -I vmnet1 –localnet) If you were looking either for a walkthrough on the Brainpan 1 vulnhub CTF or for a tutorial/article to serve as an Introduction to exploit development you clicked on the right link.
Continue reading “CTF: Brainpan 1 CTF walkthrough – Introduction to exploit development (Part I)”

CTF: Homeless – vulnhub CTF walkthrough – keep Trying Harder!

This is a walkthrough on the CTF written by Min Ko Ko (Creatigon, l33twebhacker) and posted on vulnhub on 6 Dec 2017

Target: 10.1.13.37 Like the author states, This challenge is not for beginners. It requires advanced knowledge in several fields which a beginner would not be able to solve unless thorough research is done. Initial hint: The user agent that needs to be set is included on the front page, but you would not be able to see it in plaintext. Continue reading “CTF: Homeless – vulnhub CTF walkthrough – keep Trying Harder!”