Summary: Reverse the application --> discover multiple bad practices in the login implementation --> get the credentials from said bad implementation --> intercept the traffic --> flag
This CTF was part of the SekaiCTF2024 reversing category and was rated 2 stars:
To start, we are given an APK. Let’s run it using any emulator; I used Genymotion here:
We can try common credentials, but nothing seems to work. All APKs are essentially archives, so we can unzip it and also decompile the code inside with a tool like apktool:
To start, we are given a zip file with two binaries and two JSON files inside it.
Let’s first run the ELF to see what it’s doing.
./SpellBrewery
1. List Ingredients
2. Display Current Recipe
3. Add Ingredient
4. Brew Spell
5. Clear Recipe
6. Quit
> 3
What ingredient would you like to add? Vampire's Kiss
The cauldron fizzes as you toss in a 'Vampire's Kiss'...
1. List Ingredients
2.
Hello everyone, and welcome to the guide on how to complete the Linux Privilege Escalation skills assessment room on HTB Academy.
Start backwards
This box takes less than 10 minutes to do with this simple trick: start backwards! If we start backwards, we then just have to know what a flag looks like in order to scrape the entire file system for the rest.
Step 1 is to transfer linpeas.sh to the victim machine and run it:
Welcome to this blog's first HTB module writeup! Today we’re going to go over the session security module, as part of the CBBH path.
The solution for this challenge consists of stealing the admin's cookie and then hijacking his session. So the first thing we’ll do is log into the webapp with the provided credentials. Also make sure you’ve added minilab.htb.net to your attacker machine's /etc/hosts file.
Visiting the submit-solution website, it's not obvious at first what its purpose is (at least for me it wasn't).
Welcome back, today we’re gonna go through the second half of the challenges from TryHackMe’s website:
Level 6
This one isn't vulnerable to a classic BOF, but to something called a format string vulnerability. What’s basically happening is that instead of having a normal printf("%s", examplevar) we have something more like printf("%s"). printf was given a format specifier, but no source. So in return printf will take matters into its own hands and take its source from the stack.
Welcome to this website's first writeup. Today we’re going to go through the pwn101 room challenges, a series of binary exploitation exercises which provide a good starting point for learning binary exploitation and hacking in general.
Level 1
The first level consists of a simple buffer overflow, which we probe for by flooding the input buffer we are given to see if we can crash the program.
We can see that the moment the buffer gets overrun, it executes "/bin/sh".
Ethical hacking blog, where I will post all sorts of writeups for anything infosec related from binary exploitation to active directory hacking.