JR Gumarin IST 276 Project: Simple CTF

Howdy!

Welcome to the secLounge!

× ALERT! YOU ARE NOW ENTERING THE SIMULATION

CTF

CTF = Capture the Flag

FIND THE FLAGS

flags are structured as follows:

seclounge{hash}

You can input the flags here, or at each stage:

CHALLENGE 1: HTML WEB EXPLOITATION

This is why you shouldn't use Autofill!

Try to uncover this password to get the first flag!

Password:

input the flag here:

HINT

View Page Source & try editing a "password"

ANSWER

I made it easy wiht this script

Right click + inspect element on the password field. change type="password" to type="text"

Try this out in the password field of your favorite social media site!

And never use Autofill on shared computers

CHALLENGE 2: JAVASCRIPT LOGIN

3Com 3CR414492

Try to find the creds for this JS ROUTER login!

input the flag here:

HINT

Google is your friend for finding device DOCUMENTATION

How is JS LINKED to a webpage?

ANSWER

Please make sure to change your home router's default admin credentials!

Also a great opporunity to try Google dorking!

CHALLENGE 3: DIRBUSTED

There is a hidden .txt file on this site that contains the flag.

input the flag here:

HINT

For this challenge, you will need a script that searches through url subdomains and subdirectories.

Alternatively, if you've done CTFs before, try looking for some common .txt files.

ANSWER

Recommended and common tools for this challenge are Dirbuster, Dirb, and Gobuster. They can use wordlists to query url subdomains.

gobuster on GitHub

dirb

For those of you who are new to CTFs, 'robots.txt' is a common file on many CTF boxes.

CHALLENGE 4: FORENSICS

For this project, I ride solo!

Did you know that you can hide messages in pictures?

input the flag here:

HINT

The flag is in the picture!

ANSWER

Save the picture, install Stegosuite (linked), run it, and open the picture in Stegosuite. Then click extract.

CHALLENGE 5: CRYPTO

CRYPTO

39655fb7cccf3e04933f77508f5d1487

68e109f0f40ca72a15e05cc22786f8e6

467b7d12a5ecc3aaebdfed6d70ab7c51

What can you make of these?...

input the flag here:

HINT

These are MD5 hashes. The flag keyword is disguised as one of these hashes.

You can use cracking software to find out what these words might be, but there are quicker ways...

ANSWER

Plug the hash into a database site like crackstation, and put the plaintext flag in the seclounge{} brackets for submission!

CTI

Cyber Threat Intelligence

Below are some incredible cyber threat intelligence sources, so that you can stay abreast on the latest threats:

IBM X-Force Exchange

Palo Alto Networks Unit 42 Blog

Cisco Talos

CheckPoint

Trend Micro

Malwarebytes

Threatposts

Kaspersky

Tools

Lastly, here are some amazing threat intelligence tools that you can access straight from your web browser:

VirusTotal

VirusTotal is a free signature-based virus, malware, and URL scanning service that queries malicious Indicators of Compromise (IOCs) across multiple databases.

PassiveTotal

RiskIQ's PassiveTotal is a threat investigation platform that consolidates massive sets of diverse internet data sources into a single platform.

Shodan

Shodan is a powerful search engine that queries for Internet-connected devices around the world.