PHDays CTF 2018. Writeup of the layout maker

Hello, Habr. Being a coder, this year I decided to participate in CTF from PHDays.
 
After reviewing the list of tasks, I decided to try my luck with Engeeks. Looking ahead, I will say that I did not get the flag in this task. But others decided. So I'll write down what I could get to. Do not disappear the same finds. ???.110
 
 
The name obviously hinted at the nginx web server. Having examined the main (and only) page of the site, I found out that the feedback form does not work. The specified url for processing sent messages corresponds to status 404.
 
 
PHDays CTF 2018. Writeup of the layout maker ...
+ 0 -

Positive Hack Days CTF 2018 task raids: mnogorock, sincity, wowsuchchain, event0

Positive Hack Days CTF 2018 task raids: mnogorock, sincity, wowsuchchain, event0Hello. Passed the annual PHD CTF and as always the tasks were very cool and interesting! This year I decided 4 tasks. It may seem that the article is very long - but there are just a lot of screenshots.
 
Three ) And drove them to Intruder to understand which ones are allowed. Then I decided to google mongo rock and found the sandbox code that was used for the task. Needless to change it a bit, but it's not a problem to read the logic (At the same time compare the real code with the pseudo-code in my head, which I compiled, studying the behavior of the program with the black box)
 
...
+ 0 -

VulnHub Basic Pentesting

VulnHub Basic Pentesting
 
Good day to all.
 
Many of you know about Pentest, someone had even dealt with him, and someone just heard and would like to feel like a mini specialist in this field. Long ago, maybe not long ago, at VulnHub there was a laboratory devoted to this.
Nmap
 

 
IP of our laboratory
???.2
 
ACT III - Basic Pentesting
 
After as
Nmap
scanned our virtual network, we saw that 3 ports were open at the laboratory:
 
 
21 - ftp
 
22 - ssh
 
80 - http
 
 
We try to connect on port 80. To do this, open the browser (in my case it's FireFox)
 

 
Excellent! The site is working. Let's check which directories he hides from us. For this we will use the remarkable program nikto and look at the result.
 

 
OSVDB-3092: /secret /: This might be interesting
 
Directory
secret
should ...
+ 0 -

CTF is not difficult[NQ2K18]

CTF is not difficult[NQ2K18]
 
And again the next qualifying online stage of the annual competition on cybersecurity - was completed. NeoQUEST-2018 .
 
What happened? Hmm It turned out that in Atlantis also use Android, but the files are transmitted over the old-fashioned way: via Bluetooth, worried about transaction security and create a distributed network, hack competitors' sites and use the information intelligence and more - almost all computers are on a mysterious «QECOS» , written on the LUA, but with a lot of typos. How to survive here? Read under the cut.
 
iDefense MAP Strings ...
+ 0 -

Neoquest 2018: "Find the Ichthyander"

Neoquest 2018: "Find the Ichthyander" Recently ended the next NeoQuest . Under the cut, the third task relating to the area OSINT .
 
Everyone who is interested in steganography and searching for information about a person, welcome to the cat.
 
 
Reference on a special form, correctly filling it, you can get the key:
 

 
We begin to search for information. All we know is nickname andr_ihtiandr . Let's try to see the profile of a person with such a nickname in the most obvious database of personal data - Vkontakte: ...
+ 0 -

Neoquest 2018: "The airship? Aha! "

Neoquest 2018: "The airship? Aha! " Recently ended CTF NeoQuest 2018 . Under the cut the analysis of the second part of the task about the airship, ZeroNet , shift register with feedback, and a system of linear equations.
 
site in the ZeroNet network, on which the chat is deployed. Because in ZeroNet the content of the site is downloaded to the local computer, then I have found the first key and also encrypted_storage.json:
{
"encrypted_storage":[
{
"secret_name": "SiteName",
"secret_value": "84a303b9f188b0",
"date_added": 1519915207692
},
{
"secret_name": "SiteAddress",
"secret_value": "e68cd4a46ee074121a040a6188d3f6d495f24480fc0e08b0d45d8fba875d9fd38e88",
"date_added": ...
+ 0 -

Hidden JS-mining in the browser

Hidden JS-mining in the browser
 
On the threshold of NeoQUEST we like to share different stories that indirectly can help the participants when completing assignments. This time we tell a completely real story about the hidden JS-mining in the user's browser, desperately hinting that in NeoQUEST-2018 will that pomainit!
 
 
Theme before was already climbing Habré , but the fantasy of virus writers is inexhaustible! We recently discovered a more extensive use of JS mining on the user's browser. Be vigilant, hrabrayzer, and welcome under the cut: tell all about it in more detail!
 
...
+ 0 -