DEF CON CTF Qualifier 2014 :: routarded

Posted by and filed under DEF CON CTF Qualifier 2014.

routarded starts you out with a hint in the challenge description that the target webpage is a router with default credentials. After trying a bunch of default router combinations, @jonathansinger found a working combination of <blank>:admin. This pops you into the management site of this fake router, which has a promising diagnostics page. We went… Read more »

DEF CON CTF Qualifier 2014 :: hackertool

Posted by and filed under DEF CON CTF Qualifier 2014.

hackertool had a torrent with a single large file: every_ip_address.txt. After downloading a few chunks, I opened it in a text editor and found that it the file was a consecutive list of IP addresses going from 0.0.0.0 to (presumably) 255.255.255.255. Instead of waiting for it to download, Alex Lynch had the idea for us to generate it… Read more »

RuCTF Quals 2014 :: Web 200 :: ES

Posted by and filed under RuCTF Quals 2014.

For this challenge belonging to the 2014 RuCTF Qualifiers, we are provided with a hyperlink that takes us to a simplified web application. The web challenge for 200 points is titled ES, which we soon learn stands for the web application’s…

RuCTF Quals 2014 :: Recon 400 :: Property Owner

Posted by and filed under RuCTF Quals 2014.

Recon 400 – Landlord Along with the standard prompt we are given our focus for the challenge. To name the landlord of Olimpiada Balalaykina. With the information gathered from Recon 100 we return to our Launchpad, Vk.com and view our target’s profile. Viewing her profile we see under “House” in her information she has “garages.blocks.daisy”…. Read more »