Posts

KringleCon | Python Escape from LA | CTF Challenge Solution

Python Escape from LA This challenge is about breaking out of a restricted shell to execute a program that resides in the directory. In this case, we are provided a Python shell but we cannot import any modules that would let us perform advanced tasks such as executing a binary.
Last updated on Feb 18, 2023 1 min read capture the flag

KringleCon | HR Incident Response | CTF Challenge Solution

Question 7 HR Incident Response In this challenge, we are given a website with CSV upload capability and are asked to somehow gather information from the contents of the file: C:\candidate_evaluation.
Last updated on Feb 18, 2023 2 min read capture the flag

KringleCon | Dev Ops Fail | CTF Challenge Solution

Sparkle Redberry: Dev Ops Fail In this challenge, we are asked to see if there are any credentials exposed as a result of git operations. We list the contents of the current directory and notice the directory containing the git repository.
Last updated on Feb 18, 2023 1 min read capture the flag

KringleCon | Badge Manipulation Question 6 | CTF Challenge Solution

Question 6: Badge Manipulation The objective for this challenge is simple – we need to bypass the authentication mechanism. The way the authentication works is the machine “Scanomatic” scan a QR code on an employee badge and grants access depending if the QR code matches a proper record in the back-end database.
Last updated on Feb 18, 2023 3 min read capture the flag

KringleCon | Yule Log Analysis | CTF Challenge Solution

Pepper Minstix: Yule Log Analysis As part of this challenge, we are looking at Microsoft Event Viewer Logs to discover an instance of password spraying that eventually succeeded. Password spraying is when attackers use different usernames in rotation to attempt login.
Last updated on Feb 18, 2023 3 min read capture the flag

KringleCon | CURLing Master & AD Privilege Discovery | CTF Challenge Solution

Holly Evergreen: CURLing Master We know that the candy striper machine can be turned on by sending a request to port 8080 on localhost (127.0.0.1). But we do not know what request to send.
Last updated on Feb 18, 2023 2 min read capture the flag

KringleCon | Stall Mucking Report & Data Repo Analysis | CTF Challenge Solution

Wunorse Openslae: Stall Mucking Report We are told that a Samba share with shared network credentials is used to upload the file on the server. These shared credentials can be revealed via ps if they were entered in command-line mode.
Last updated on Feb 18, 2023 2 min read capture the flag

KringleCon | Tangle Coalbox & de Bruijn Sequences | CTF Solution

Tangle Coalbox: Lethal ForensicELFication The poem that introduces the challenge talks about certain “text editors” leaving behind clues. Vim immediately comes to mind. We know that Vim logs information about deletions and searchers into a file called .
Last updated on Feb 18, 2023 2 min read capture the flag

KringleCon | The Name Game & Directory Browsing | CTF Challenge Solution

Minty Candycane: The Name Game This challenge presents us with an onboarding system written in Powershell. There’s a command injection vulnerability in the system that allows us to injection arbitrary commands after the ; is used to end the previous
Last updated on Feb 18, 2023 1 min read capture the flag

KringleCon | Essential Editor Skills & Orientation Challenge | CTF Solution

Bushy Evergreen: Essential Editor Skills This challenge asked us to exit a vi terminal screen. This one was quite easy. We know that the way to do that is ESC + :q or ESC + :q!
Last updated on Feb 18, 2023 1 min read capture the flag