2024 HuntressCTF -
2024-10-12 | #
Summary Author: @JohnHammond Did you know that zulu is part of the phonetic alphabet? Steps All that was needed to obtain the flag was to perform cat zulu. Flag: flag{74235a9216ee609538022e6689b4de5c}
2024-10-12 | #
Summary Author: @JohnHammond The SOC detected malware on a host, but antivirus already quarantined it... can you still make sense of what it does? Steps This was a tricky challenge. I ended up having to comb through John Hammond’s YouTube challenge where I thankfully stumbled upon this video Recover Quarantined Malware. Here John shows a new tool called Dexray. This tool can extract the original malware from a quarantined Defender file.
2024-10-11 | #
Summary Author: @JohnHammond Gosh darnit, I keep entering a typo in my Linux command prompt! Steps When starting the challenge, I was provided the following information: # Password is "userpass" ssh -p 32279 user@challenge.ctf.games Upon logging in, I was presented with the below animation and then the connection closed. I was unsuccessful in finding a way to interrupt the animation. However, after messing around with SSH, I found I could append commands to the back of the ssh command, such as: ssh user@challenge.
2024-10-09 | #
Summary Author: @HuskyHacks TENNNNNN-HUT! Welcome to the Go Dojo, gophers in training! Go malware is on the rise. So we need you to sharpen up those Go reverse engineering skills. We've written three simple CrackMe programs in Go to turn you into Go-binary reverse engineering ninjas! First up is the easiest of the three. Go get em! Steps I found two different ways to solve this challenge. Both challenges first started with downloading the GoCrackMe1.
2024-10-09 | #
Summary Author: @JohnHammond I've got this private key... but why can't I SSH? Download the file(s) below and press Start on the top-right to begin this challenge. Connect with: # Password is "userpass" ssh -p 30442 user@challenge.ctf.games Steps Along with the docker instance there is an attached private id_ssh key. When I first attempted to ssh into the instance with the private key, I got an unprotected file warning. To fix the ssh key: