Getting the hints: To get the hints, we need to win 8 levels of the Elf Python game. Level1 Level2 import elf, munchkins, levers, lollipops, yeeters, pits Level3 Level4 Level5 Level 6 Level 7 The following hints are now available: They actually provide links to the documentation of express-session and mysqljs that are apparently used … Continue reading “Frost Tower Website Checkup”
Author Archives: holidaywa
Printer Exploitation
The Challenge: Starting from a website used to manage printers, the goal is to get access to a log file and get data from it. The website included some inputs like the following one, where I attempted some injection but without success. It also includes this page, where the user can upload new firmware and … Continue reading “Printer Exploitation”
Kerberoasting on an Open Fire
Getting the hints: In order to block the naughty IPs and get the hint, fail2ban needs to be configured as follows: /etc/fail2ban/filter.d/hohono.conf /etc/fail2ban/jail.d/hohono.conf /etc/fail2ban/action.d/hohono.conf The challenge: Getting access to the machine. To start the challenge, we need to escape this application: Press CTRL+D to get a Python console: Use os.system to get a shell. Let’s … Continue reading “Kerberoasting on an Open Fire”
Customer Complain Analysis
Getting the hints: In order to get the hints, we talk to Tinsel Upatree, who asks us to help him with the Strace Ltrace Retrace terminal. When executed, the make_the_candy binary asked about a configuration file that doesn’t exist. The goal is to debug the binary in order to get an idea about this conf file and … Continue reading “Customer Complain Analysis”
Shellcode Primer
The Challenge: My final ASM program is the following: Here is the debugger scene I got when compiling: The answer is “cyber security knowledge”
Now Hiring!
Getting the hints: To get the hints, we need to talk to Noxious O. D’or, who asks us to do the IMDS Exploration terminal. Let’s do it! The following is the result of all the commands we are asked to launch! Once done, we get this nice screen and some hints! The Challenge: According to the … Continue reading “Now Hiring!”
Strange USB Device
Getting the hints: Before giving us some hints, Jewel asks us to solve the IPv6 Sandbox terminal. Let’s do it. The goal is to find a password hidden somewhere in a server hosted on one of the machines within the network. I started to make a ping to ff02::1 to get all the nodes within the local … Continue reading “Strange USB Device”
Splunk!
Task 1 – Capture the commands Eddie ran most often, starting with git. Looking only at his process launches as reported by Sysmon, record the most common git-related CommandLine that Eddie seemed to use. Statistics -> Quick Reports. The answer is “git status”. Task 2 – Looking through the git commands Eddie ran, determine the … Continue reading “Splunk!”
FPGA Programming
The Challenge: In order to make this Verilog program, I adapted the one described at https://numato.com/kb/generating-square-wave-using-fpga/ to the clock frequency of the hardware used in this challenge, which is 125 MHz. The counter is thus decremented by CLOCK_FREQUENCY/(2*freq/100), converted to an integer through the $rtoi method. Here are the results of the different tests: At 500Hz At 1KHz … Continue reading “FPGA Programming”