Home
BatBato's Blog
Cancel

CTFs | 404CTF_2024 | Investigation Numerique | Un boulevard pour pointer

Un boulevard pour pointer In this challenge, we are given a zip file containing two PDF and a disk image. The two PDF contains linux forensic commands like file, strings, fdisk -l or mmls. Firs...

CTFs | 404CTF_2024 | Investigation Numerique | Tir aux logs

Tir aux logs In this challenge, we are given a text log file of 56 lines. The first look we have at the file, it looks like someone is trying to do an SQLi: There was two ways to solve it here....

CTFs | 404CTF_2024 | Investigation Numerique | Darts Bank

Darts Bank In this challenge, we are given this pcap file. If we open it using wireshark, we can see a lot of HTTP traffic. When we click on the first one and follow the TCP stream, we get the ...

CTFs | 404CTF_2024 | Investigation Numerique | Du poison

Du poison In this AI challenge, we are tasked to deteriorate the accuracy of the AI model that is trained locally. In this challenge, to be able to do this, we can modify the value of the weight...

CTFs | 404CTF_2024 | Exploitation de Binaire | Pseudoverflow

Pseudoverflow Here we are given the course binray. When opened in Ghidra, we can see the following: At first, we had two variables that had the hex values of perds and \0. But once we rede...

CTFs | 404CTF_2024 | Exploitation de Binaire | Jean Pile

Jean Pile Here, we have the following binary. First, lets check the type of the file and its protections: So we know that the ASLR is enabled and that we can execute code in the stack (NX di...

CTFs | 404CTF_2024 | Cryptanalyse | Bebe Nageur

Bebe Nageur In this challenge, we are tasked to retro-engineer a python code and exploit its cryptographic flaws. The given code is the following: from flag import FLAG import random as rd char...

Notes | AD | AD Basics

Active Directory Introduction Well, well well… Here we are. Doing an Active Directory introduction note. Lets start by defining what is Active directory. Active Directory (AD), is the windows dir...

CTFs | Finale_CTF_INSA_2024 | Realiste

Réaliste Kerb1 For this challenge, we are going to use the well known AS-REPRoasting attack. I will not explain in detail how the attack work but you can have more information here. The main idea...

CTFs | Finale_CTF_INSA_2024 | Forensique

Forensique My Name Is ? In this challenge, we are asked to find the name of the user that juste have been powned. To do this, we just have to run the envars command of volatility. Using volatili...