Sign in

Just a quick update.

I moved writing my articles to my personal page on https://blog.ikuamike.io/ . This page will still be here for my own reference.


Since this a continuing series I’ll just dive in.

Service Enumeration

First lets run a fast scan on all ports to discover which ports are open.

nmap -sS -p- --min-rate=1000 192.168.56.105


It’s been a while since I wrote, creating this series of me hacking through the DC VMs from Vulnhub should be the perfect opportunity.

I’ll skip the discovering IP part, if you’ve read previous articles it should be pretty straightforward.

Service Enumeration

Running a fast scan on all ports to discover which…


If you haven’t read my teaser write-up click here. The main CTF was held during the three days of the event. Even though we didn’t win this one, I learnt something. Since it was the first CTF the organizers did, it very well done. You can checkout the challenges: https://ctf-2019.nairobitechweek.com


Nairobi Tech Week 2019 is coming up and they held a CTF teaser before the event that ran this last week.

There were 5 categories of challenges. Our team participated and was able to solve all challenges except one. We got first place.

Onto the challenges I solved.

Web


This box was really CTF-like when getting user, it was so unrealistic. You’ll see what I mean. Unfortunately I didn’t get root, not because it was difficult but because I didn’t try.

Getting User

As usual I begin with an nmap scan to get open ports:

nmap -sV -sC -v -oN frolic.txt…


CTF page: https://ctftime.org/event/753

Team: NoPwnNoGain

Zippy

Description

Can you read the flag from the PCAP?

We are provided with zippy.pcapng file.

Opening the file in wireshark and checking the stream, I see a zip file is being sent and the password of the zip as well.


Misc

1. Who am I?

Description:

What is the A record for tamuctf.com?
(Not in standard gigem{flag} format)

Difficulty: easy

First what is an A record?

An A record maps a domain name to the IP address (Version 4) of the computer hosting the domain. …


Another great CTF that my team and I participated in last week, TAMU CTF had a wide range of challenges which made it a nice experience. It ran for a whole week. It is organized by Texas A&M University Students!

Now for the challenges I solved!

Network/Pentest

1. Stop and Listen

As the challenge says…

Michael Ikua

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store