Side Quest - Day 3 Enumeration In this challenge, we are just given the an IP address. So we start our enumeration phase by running our nmap: As you can see, I used only -sV. This is be...

Side Quest - Day 1 In this challenge, we are given a wireshark capture called VanSpy.pcapng. When we open it with wireshark, we just see the following: The protocol 802.11 is the one used for...

Introduction To be able to participate in the Side Quest challenge, we had to find the URLs to the different challenges: First QR Code LinkedIn The first one is, as specified earlier, on thei...

Plugin Again As written in the description of the challenge, we need to read the content of the /FLAG file. We only have access to a URL so we can navigate to the website and we get this: Fir...

Cryptoneat In this challenge, we have access to an HTML page that you can download here. In this page, we can see some kind of imported JS code from Crypto JS 3.1.9-1. After this big JS code, we c...

Timelapse Enumeration As always, we run our nmap scan: As we can see, we have SMB protocol available. We can try to access the shares using smbmap: Note that we can see the name timela...

Devel Enumeration First of all, lets start a basic nmap scan: As we can see, we y have port 21 and port 80 opened. We also can notice that the port 21 (FTP) is accessible by the anonymous us...

Active Enumeration First of all, we can start by running an nmap scan: The nmap scan doesn’t give much clue on what to do now, but there is an SMB share. Let’s have a look: As we can see,...

Latek I haven’t tried much in this CTF, so this is the only WU that I will write. For this challenge, we need to recover the /flag.txt file. As we can see, we have access to a website that prin...

Le Divin Crackme In this challenge, we are given this executable. We can guess the password L4_pH1l0soPh13_d4N5_l3_Cr4cKm3. This is because the password is stored in the memory and the use of...