Some articles, write-ups, tutorials and reviews are in progress, stay tuned for more!
Transforming time into flags… As an OSINT challenge I started by checking the username @0pt1muspr1me on common social media platforms, and eventually found 0pt1muspr1me's Github profile. 2 repos there with a couple commits 0pt1muspr1me repository private repository Obviously that zip file is password protected, so I started by trying fcrackzip:...
This is the story of how I got scammed into participating in a CTF competition for someone else. I hope this article can help people not get scammed the same way or even help me find the competition I was unintentionally solving. I got contacted by a freshly created account on discord, 10 days old or so. The person first lightly asked for help in solving challenges,...
Medium difficulty box - https://hackthebox.com Intelligence was a medium box I solved a few months ago. It’s also technically the first machine I decided to share a write-up for, because I really enjoyed solving it. RECON nmap -A 10.10.10.248 -Pn...
LOCAL FILE INCLUSION LFI can be found here: http://10.10.11.135/image.php?img=/etc/passwd but we are met with "hacking attempt detected" on a blank page. We can bypass the issue with the php wrapper php://filter as follows: http://10.10.11.135/image.php?img=php://filter/convert.base64-encode/resource=/etc/passwd decode results as base64 and find home path for the user ...
