Networking 1 Okay so for this challenge we are given a file called networking.pcap. This is a packet capture which can be opened in WireShark. But first lets try to just see if the flag is in plaintext. So I downloaded the file and ran the strings (included in Mac and Linux) command on it:… Read more »
The challenge takes us to a page with a log in form. We find a cookie called admin after trying some passwords. This looks like a simple boolean.
Our first clue is http://prosauce.org/ which is Teddy’s personal website. Searching around does not return much so we start following some links. The Projects page http://prosauce.org/projects/ has some more outbound links. GitHub has been used by others, so we try them all. We check the YouTube link http://www.youtube.com/watch?v=RCTRSK45bS4 and see some comments exist. After expanding… Read more »
Being a common word, Google is not going to help us much. On the Official ISIS CSAW IRC channel, we find that there is an OP user snOwDIN. If we run /WHOIS on the user, we get a clue. [isis] |-INFO > snOwDIN [[email protected]] [isis] |-INFO > ircname : linkedin:chinesespies [isis] |-INFO > channels :… Read more »
We start with a Google link https://www.google.com/search?&q=Brandon+Edwards where we quickly that his handle is DrRaid. If we add this to the search to simplify things, we find that he has some Twitter stuff, but that leads nowhere. Next we see a result for his GitHub https://github.com/drraid. We check his Public Activity https://github.com/drraid?tab=activity to find the Key in a… Read more »
For this Recon, we start with the Google search https://www.google.com/search?&q=historypeats. This gives us some results. Checking the Twitter does not return much. We check the next result which is GitHub https://github.com/historypeats. We can check his history by clicking Public Activity https://github.com/historypeats?tab=activity. If we check his most recent Commit https://github.com/historypeats/putscan/commit/a31512af6e8f2ae76bce11c0bd363f899e3488d1, we find the key!
We start with a Google link https://www.google.com/search?&q=Kevin+Chung that leads us nowhere. Further investigation of his Judge page shows that he was a CSAW High School Forensics Finalist. This may be helpful to focus in on the correct Kevin Chung. We search “CSAW High School Forensics Finalist Kevin Chung” and the first result takes us to a page with… Read more »
Our clue takes us to https://www.google.com/search?&q=Julian+Cohen which starts our search. We quickly learn that Julian’s handle is HockeyInJune. We search again for that in Google and find some more results. This leads us to several of his accounts, one being the Wikipedia user http://en.wikipedia.org/wiki/User:HockeyInJune. There is a link to a website http://omnom.nom.co/ but this still does not have the key…. Read more »