It’s been a while since I wrote, creating this series of me hacking through the DC VMs from Vulnhub should be the perfect opportunity.
I’ll skip the discovering IP part, if you’ve read previous articles it should be pretty straightforward.
Running a fast scan on all ports to discover which ports are open.
nmap -sS -p- --min-rate=1000 192.168.56.104
If you haven’t read my teaser write-up click here. The main CTF was held during the three days of the event. Even though we didn’t win this one, I learnt something. Since it was the first CTF the organizers did, it very well done. You can checkout the challenges: https://ctf-2019.nairobitechweek.com
Now onto the challenges I solved.
Nairobi Tech Week 2019 is coming up and they held a CTF teaser before the event that ran this last week.
There were 5 categories of challenges. Our team participated and was able to solve all challenges except one. We got first place.
Onto the challenges I solved.
This box was really CTF-like when getting user, it was so unrealistic. You’ll see what I mean. Unfortunately I didn’t get root, not because it was difficult but because I didn’t try.
As usual I begin with an nmap scan to get open ports:
nmap -sV -sC -v -oN frolic.txt 10.10.10.111
What is the A record for
(Not in standard
First what is an A record?
An A record maps a domain name to the IP address (Version 4) of the computer hosting the domain. An A record is used to find the IP address of a computer connected to the internet from a name.
So we just run dig on the website to get the record.
Another great CTF that my team and I participated in last week, TAMU CTF had a wide range of challenges which made it a nice experience. It ran for a whole week. It is organized by Texas A&M University Students!
Now for the challenges I solved!
As the challenge says all we have to do is listen. So objective is to sniff for packets on the network and get the flag. I connected to the network via vpn with the instructions provided, then fired up wireshark to sniff packets on tap0 which was the network interface created by vpn. …