-
👽 Hacktoria – Where’s Klumgongyn
Lire plus: 👽 Hacktoria – Where’s KlumgongynThis writeup is related to an old Hacktoria challenge which is no longer accessible. Link: https://hacktoria.com/contracts/wheres-klumgongyn/ We don’t have any other information than the photo. There are multiple ways to find this location. I took the fastest one. Search on Google: my taxi 6882122 and found a Facebook page: https://www.facebook.com/groups/879392425455230/ So we know the city…
-
💻 Cap – Writeup
Lire plus: 💻 Cap – WriteupThe name of the easy Linux box gives us useful hints… Add the hostname into /etc/hosts: … 10.10.10.245 cap.htb … First run a nmap scan to detect open ports: The nmap scan output is way too long so we’ll just focus on the important parts. The FTP server is not accessible using anonymous login and…
-
💻 Buff – Writeup
Lire plus: 💻 Buff – WriteupIn this easy Windows machine we’ll exploit a buffer overflow! Add the IP address in /etc/hosts: … 10.10.10.198 blue.htb … First run a nmap scan: We add the -Pn option to nmap because this is a Windows machine and the ICMP protocol is filtered. So nmap cannot tell if the host is up or not.…
-
💻 Beep – Writeup
Lire plus: 💻 Beep – WriteupThis Linux machine is a bit special compared to other Linux challenges because this is a CentOS operating system. Add the IP address in /etc/hosts: … 10.10.10.7 beep.htb … First run a nmap scan: There is a lot of open ports on this machine. But most of them could be rabbit holes. If you have…
-
💻 Bashed – Writeup
Lire plus: 💻 Bashed – WriteupThis easy Linux challenge uses a vulnerable PHP file to execute commands on the system. Add the IP address in /etc/hosts: … 10.10.10.68 bashed.htb … First run a nmap scan: There’s only one port open which is an Apache web server. The version 2.4.18 is not vulnerable. On the website, the autor wrote about a…
-
💻 Antique – Writeup
Lire plus: 💻 Antique – WriteupIn this machine we’ll enumerate services and find a specific UDP port to perform enumeration on it. Add the IP address in /etc/hosts: … 10.10.11.107 antique.htb … First run a nmap scan. We must specify the -Pn option because the machine doesn’t respond to pings: When we try to connect to the telnet service port…
-
🔍 OSINT Exercise 010
Lire plus: 🔍 OSINT Exercise 010Introduction Link: https://gralhix.com/list-of-osint-exercises/osint-exercise-010/ Difficulty: For beginners: a) Easy, b) Easy, c) Hard For experts: a) Easy, b) Easy, c) Medium Briefing: A Twitter user shared three photos of an event. Please answer the following questions: a) Which event is being celebrated in the photos? b) Which two photos were taken by the same person? c)…
-
🔍 OSINT Exercise 009
Lire plus: 🔍 OSINT Exercise 009Introduction Link: https://gralhix.com/list-of-osint-exercises/osint-exercise-009/ Difficulty: For beginners: a) Hard, b) Hard For experts: a) Medium, b) Medium Briefing: The video below was shared by the Visit Tirana Twitter account on February 16, 2023. Please answer the following questions: a) To the best of your knowledge, at what time was the video recorded? b) Find the coordinates…
-
🔍 OSINT Exercise 008
Lire plus: 🔍 OSINT Exercise 008Introduction Link: https://gralhix.com/list-of-osint-exercises/osint-exercise-008/ Difficulty: For beginners: a) Easy, b) Medium, c) Medium For experts: a) Easy, b) Easy, c) Easy Briefing: The large photo below was taken from a page of the Epoch Times, a Chinese newspaper. Please answer the following questions: a) What was the audience applauding? b) When was the photo taken? c)…
Author: adm_synoslabs
Articles récents
Tags
boat challenge cody credentials crypto ctf cve easy embed exif exploit geoint geolocation google google lense gralhix hacking hacktoria htb iis intelligence kernel linux location manipulation maps metadata metasploit metaverse mondayquiz osint php redirection reverse search social engineering social media socmint sofia santos street view thursdayquiz web web3 wifi windows writeup