In this challenge, we are mandated to find a lot of information : IP attacker IP victim Apache server version CVE used by attacker Port of reverse shell First on the wireshark captur...

In this chall we are given 3 SMS database. As we can see on the below picture, we can get pretty much all the flag, but 404CTF{m4r13_cur13_1898} don’t validate the challenge : In the app_part ...

In this challenge it is stated that there is a certificate authority so we can guess that we need to use ADCS exploits. First lets check if it is vulnerable to any known ADCS exploits by running...

Here we need to find information in a directory. First lest nmap it : As we can see, there is LDAP that should be what we are looking for. Now lets try to authenticate without any user : So...

If we try to access shares we can’t… Buf if we look at them we can see a Backups share but we can’t acess it If we look inside the SYSVOL share, we have the backup_reader password : With ...

In this challenge we are given an image that is the banner of a scientist. We need to find a language where he is confirmé. First if we try exiftool on the image we get the following : We now ...

In this chall, we need to find a lot of information. Lets start by finding the cemetery : Now that we know the cemetery is the one of the city of Pfastatt, we can try to find the scientist men...

In this chall, we are given a connection to an SQL server. We need to find the active badge number of Laurent NOEL. On the server we can list the available tables : As we can see, there are t...

Introduction This post is about understanding how the main tools work, because it is great to achieve an attack but it’s better if you can do it from scratch. So if you know how tools work, then y...

Zipper In this challenge, we have access to this zip. First I tried to unzip it and we find a PDF with two images talking about the zip format. I tried to run binwalk on them with no luck. But a...