For this challenge, we are given a ZIP archive containing a Mozilla Firefox memory dump. We unzip the archive and search the printable text for our flag: [ [email protected]: ~/csaw/forensics100 ]$ unzip firefox.mem.zip Archive: firefox.mem.zip inflating: firefox.mem creating: __MACOSX/ inflating: __MACOSX/._firefox.mem [ [email protected]: ~/csaw/forensics100 ]$ strings firefox.mem | grep flag{ ZZZZZZZZflag{cd69b4957f06cd818d7bf3d61980e291} [ [email protected]: ~/csaw/forensics100 ]$… Read more »
For this challenge we must “Find a picture of me that’s from before I was a high school student.” We start by looking through his photos on Facebook and LinkedIn but came up empty. We turned to Google to find out more. We found his website, twitter, and github but they didn’t provide any useful… Read more »
For this challenge, we are given a PDF file named pdf.pdf. We check out the printable characters of the PDF file and notice that streams are being used. We attempt to decode the stream objects but shifted toward another approach when we realize that document objects (images, textboxes, etc.) could be stacked. Using Adobe Acrobat… Read more »
routarded starts you out with a hint in the challenge description that the target webpage is a router with default credentials. After trying a bunch of default router combinations, @jonathansinger found a working combination of <blank>:admin. This pops you into the management site of this fake router, which has a promising diagnostics page. We went… Read more »
hackertool had a torrent with a single large file: every_ip_address.txt. After downloading a few chunks, I opened it in a text editor and found that it the file was a consecutive list of IP addresses going from 0.0.0.0 to (presumably) 255.255.255.255. Instead of waiting for it to download, Alex Lynch had the idea for us to generate it… Read more »
[email protected] (or more formally, the Collegiate Cyber Defense Club at UCF) now has a multi-server environment, but we started out with little to no inventory to speak of. Our club was founded about a year and a half ago, and we’ve slowly acquired more and more hardware for our strapping little environment. Some of our… Read more »
For this challenge belonging to the 2014 RuCTF Qualifiers, we are provided with a hyperlink that takes us to a simplified web application. The web challenge for 200 points is titled ES, which we soon learn stands for the web application’s…
For this challenge, we are given a set of Cisco router configs as well as a visual topology. The challenge is to find a missing config line in R1.
Recon 400 – Landlord Along with the standard prompt we are given our focus for the challenge. To name the landlord of Olimpiada Balalaykina. With the information gathered from Recon 100 we return to our Launchpad, Vk.com and view our target’s profile. Viewing her profile we see under “House” in her information she has “garages.blocks.daisy”…. Read more »
Recon 100 – Favorite Book We start off the challenge with the standard prompt, the two important bits of information are the name of the target: Olimpiada Balalaykina. We also get the name of someone she would like to meet someday. Pavel Durov, we can assume this is a hint. Then we get the focus… Read more »