A getting started guide for defensive coding and ethical hacking.
Newbie guide to ethical hacking.
@informationsecurityjourney
Crowdsourced security solutions. Bugcrowd delivers fully managed bug bounties on an all-in-one vulnerability disclosure platform powered by the world's largest crowd of security researchers.
Platform where companies can post rewards for bug hunters to uncover vulnerabilities.
Over 2016 and 2017, we will be releasing a sequence of publicly available courses in cyber security, under the banner of the sec.edu 'Security Engineeri...
Online Security Engineering course by UNSW Australia.
The best defense against hackers is a well-informed development team. Our interactive exercises can teach your team about today's most common security vulnerabilities.
Interactive website to learn:
SQL Injection
Clickjacking
Session Fixation
Cross-Site Scripting
Weak Session IDs
Reflected XSS
Dom-Based XSS
Cross-Site Request Forgery
File Upload Vulnerability
XML Bombs
Open Redirects
User Enumeration
Broken Access Control
Unencrypted Communication
XML External Entities
Information Leakage
Password Mismanagement
Privilege Escalation
Command Execution
Directory Traversal
n00bz Level 7
In level 7, we get a page with error 404 - page not found, with the following text:
"f00 not found Something is not right here??? btw...bounty $70"
Interestingly, the page is named 404.php, which also fits the hint that the flag should be in the HTTP header. Remembering that the previous pages were named "levelone.php" ... "levelsix.php", we decided to try our luck by changing "404.php" to "levelseven.php". Checking the HTTP response headers, we get the text "aW5mb3NlY19mbGFnaXNfeW91Zm91bmRpdA==". Again, the trailing double equals sign suggests base64 encoding. Decoding it, we get "infosec_flagis_youfoundit".
n00bz Level 6
Level 6 asks us to download sharkfin.pcap, which means it is probably some network traffic that we have to analyse. The filename, sharkfin, hinted that we may need to use Wireshark to analyse the file.
These are the steps I like to follow when I have a pcap file:
statistics --> captured file properties
file --> export objects --> http
right click follow --> TCP/UDP stream
By following UDP stream 0, we get the string "696e666f7365635f666c616769735f736e6966666564", which is hexadecimal. Converting it to ASCII, we get "infosec_flagis_sniffed".
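The "follow UDP stream" step above is worth seeing from the inside: a UDP stream is nothing more than every datagram between the same pair of address/port endpoints, in capture order, with the payloads concatenated. The Python below is an added example, not code from the original post. It parses the classic pcap file format by hand (global header, per-record header, Ethernet/IPv4/UDP), groups payloads by direction-independent 4-tuple in order of first appearance, and then converts stream 0 from hex to text. The pcap it runs over is constructed inline: the IP addresses, ports, the two-datagram split and the unrelated third datagram are assumptions; the hex payload is the string quoted in the Level 6 writeup. pcapng files are not handled.

```python
import struct
from collections import OrderedDict

PCAP_MAGIC = 0xA1B2C3D4   # classic pcap, microsecond timestamps
ETHERTYPE_IPV4 = 0x0800
IPPROTO_UDP = 17


def build_sample_pcap(datagrams):
    """Constructed test data: one Ethernet/IPv4/UDP frame per (src, dst, sport, dport, data)."""
    # linktype 1 = Ethernet; snaplen 65535; version 2.4
    global_header = struct.pack("<IHHiIII", PCAP_MAGIC, 2, 4, 0, 0, 65535, 1)
    records = []
    for n, (src, dst, sport, dport, data) in enumerate(datagrams):
        udp = struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data  # UDP checksum left at 0
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), n, 0, 64, IPPROTO_UDP, 0,
                         bytes(int(o) for o in src.split(".")), bytes(int(o) for o in dst.split(".")))
        frame = b"\xaa" * 6 + b"\xbb" * 6 + struct.pack("!H", ETHERTYPE_IPV4) + ip + udp
        records.append(struct.pack("<IIII", 1_000_000 + n, 0, len(frame), len(frame)) + frame)
    return global_header + b"".join(records)


def iter_frames(pcap):
    """Yield the captured bytes of each record in a classic pcap file."""
    (magic,) = struct.unpack("<I", pcap[:4])
    if magic == PCAP_MAGIC:
        endian = "<"
    elif magic == 0xD4C3B2A1:   # the same magic written big-endian
        endian = ">"
    else:
        raise ValueError("not a classic pcap file (pcapng is not handled here)")
    offset = 24  # size of the global header
    while offset + 16 <= len(pcap):
        _ts_sec, _ts_usec, incl_len, _orig_len = struct.unpack(endian + "IIII", pcap[offset:offset + 16])
        offset += 16
        yield pcap[offset:offset + incl_len]
        offset += incl_len


def udp_datagram(frame):
    """Return (src, dst, sport, dport, payload) for an Ethernet/IPv4/UDP frame, else None."""
    if len(frame) < 34 or struct.unpack("!H", frame[12:14])[0] != ETHERTYPE_IPV4:
        return None
    ip = frame[14:]
    ihl = (ip[0] & 0x0F) * 4
    total_len = struct.unpack("!H", ip[2:4])[0]
    if ip[0] >> 4 != 4 or ihl < 20 or ip[9] != IPPROTO_UDP or total_len > len(ip):
        return None
    udp = ip[ihl:total_len]
    if len(udp) < 8:
        return None
    sport, dport, ulen, _cksum = struct.unpack("!HHHH", udp[:8])
    if ulen < 8 or ulen > len(udp):
        return None
    src = ".".join(str(o) for o in ip[12:16])
    dst = ".".join(str(o) for o in ip[16:20])
    return src, dst, sport, dport, udp[8:ulen]


def follow_udp_streams(pcap):
    """Concatenate UDP payloads per conversation (both directions), numbered as first seen."""
    streams = OrderedDict()
    for frame in iter_frames(pcap):
        parsed = udp_datagram(frame)
        if parsed is None:
            continue
        src, dst, sport, dport, payload = parsed
        key = tuple(sorted([(src, sport), (dst, dport)]))  # direction-independent 4-tuple
        streams.setdefault(key, bytearray()).extend(payload)
    return [bytes(data) for data in streams.values()]


# The hex string from the Level 6 writeup, split over two datagrams of one conversation.
# Addresses, ports and the unrelated third datagram are assumptions made for this example.
FLAG_HEX = "696e666f7365635f666c616769735f736e6966666564"
SAMPLE_PCAP = build_sample_pcap([
    ("10.0.0.2", "10.0.0.1", 40000, 5353, FLAG_HEX[:16].encode()),
    ("10.0.0.1", "10.0.0.2", 5353, 40000, FLAG_HEX[16:].encode()),
    ("10.0.0.3", "10.0.0.1", 40001, 53, b"unrelated"),
])


def decode_stream0(pcap=SAMPLE_PCAP):
    """Follow UDP stream 0 and convert its hexadecimal payload to text."""
    return bytes.fromhex(follow_udp_streams(pcap)[0].decode("ascii")).decode("ascii")


if __name__ == "__main__":
    print(decode_stream0())
```

The stream numbering here (conversations in order of first appearance) roughly mirrors Wireshark's udp.stream index, which is why "UDP stream 0" is the first conversation in the capture rather than the first packet. Reading the record header's incl_len rather than orig_len matters on real captures: a truncated snaplen means the frame bytes on disk are shorter than the packet on the wire, and a parser that trusts the IP total length without the `total_len > len(ip)` check would read past the record.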
n00bz Level 5
For level 5, we get a page with an endless loop of pop-ups that say "hacker!!".
After disabling the pop-ups, we inspect the source and find a hidden image, aliens.jpg.
With an image, we would like to run it through a steganography decoder. Many recommend steghide, but we used an online tool and got the following output: "01101001011011100110011001101111011100110110010101100011010111110110011001101100011000010110011101101001011100110101111101110011011101000110010101100111011000010110110001101001011001010110111001110011". This is clearly binary (8 bits per character), and decoding it gives "infosec_flagis_stegaliens".
n00bz Level 4
For a bounty of $40, level 4 shows a very cute Cookie Monster image with the text "HTTP means Hypertext Transfer Protocol". On hovering over the image, it gives a pop-up with the text "stop poking me".
Combining HTTP and Cookie Monster, the hint is probably to look at the cookies of the page.
The only thing that stands out is a cookie called fusrodah, which is a move used in the game Skyrim. Its value looks like some kind of encoded string. We tried our luck with ROT13 and got "INFOSEC_FLAGIS_WELOVECOOKIES". There we have it~ :)
n00bz Level 3
In level 3, we see a QR code with a progress bar, for a bounty of $30.
At first thought, the flag would be hidden inside the QR code. However, after getting no result from running the QR code through a conventional QR code scanner, we were sidetracked by the progress bar. Big mistake! :X After checking the progress bar, it turned out to be a distraction with nothing unusual about it.
We decided to read up a little on how QR codes work, and figured out that we should use a QR code decoder instead. Voila! It returns the raw text ".. -. ..-. --- ... . -.-. ..-. .-.. .- --. .. ... -- --- .-. ... .. -. --.", which is a string written in Morse code. Running it through a Morse code translator, we get "INFOSECFLAGISMORSING".
n00bz Level 2
In this level, we see a broken image with the accompanying text "It seems like the image is broken..can you check the file?".
By opening the image in a new tab, it displays the image at this link.
Since it doesn't seem to be a valid image, we downloaded it and opened it in a text editor, and found the string "aW5mb3NlY19mbGFnaXNfd2VhcmVqdXN0c3RhcnRpbmc=". Since there is an "=" at the end of the string, it is most likely base64 encoded. Running it through a base64 decoder gives us the flag "infosec_flagis_wearejuststarting".
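The decoding steps in the Level 7, 6, 5, 4, 3 and 2 writeups all follow one pattern: recognise the encoding from the alphabet and length of the string (trailing "=" and a length divisible by 4 for base64, hex digits in pairs, 0/1 in octets, dots and dashes for Morse, letters only for ROT13), then decode and see whether readable text comes out. The Python below is an added example, not code from the original post, that automates that recognition and runs it over the strings quoted in the writeups. The Level 4 input is constructed by applying ROT13 to the flag the post reports, because the post does not quote the cookie's value; try_decodings, best_guess and solve_all are names chosen here.

```python
import base64
import binascii
import codecs
import re
import string

# International Morse code, letters and digits (enough for the Level 3 string).
MORSE = {
    ".-": "A", "-...": "B", "-.-.": "C", "-..": "D", ".": "E", "..-.": "F",
    "--.": "G", "....": "H", "..": "I", ".---": "J", "-.-": "K", ".-..": "L",
    "--": "M", "-.": "N", "---": "O", ".--.": "P", "--.-": "Q", ".-.": "R",
    "...": "S", "-": "T", "..-": "U", "...-": "V", ".--": "W", "-..-": "X",
    "-.--": "Y", "--..": "Z", "-----": "0", ".----": "1", "..---": "2",
    "...--": "3", "....-": "4", ".....": "5", "-....": "6", "--...": "7",
    "---..": "8", "----.": "9",
}


def as_printable(raw):
    """Return raw decoded as ASCII, or None if it contains any non-printable byte."""
    try:
        text = raw.decode("ascii")
    except UnicodeDecodeError:
        return None
    return text if text and all(c in string.printable for c in text) else None


def try_decodings(value):
    """List every (encoding, decoded_text) pair that plausibly applies to value."""
    s = value.strip()
    found = []
    # Binary: only 0/1 and a whole number of octets (Level 5).
    if re.fullmatch(r"[01]+", s) and len(s) % 8 == 0:
        text = as_printable(int(s, 2).to_bytes(len(s) // 8, "big"))
        if text:
            found.append(("binary", text))
    # Hex: an even count of hex digits (Level 6).
    if re.fullmatch(r"[0-9a-fA-F]+", s) and len(s) % 2 == 0:
        text = as_printable(bytes.fromhex(s))
        if text:
            found.append(("hex", text))
    # Base64: alphabet plus up to two '=' of padding, length a multiple of 4 (Levels 7 and 2).
    if re.fullmatch(r"[A-Za-z0-9+/]+={0,2}", s) and len(s) % 4 == 0:
        try:
            text = as_printable(base64.b64decode(s, validate=True))
        except binascii.Error:
            text = None
        if text:
            found.append(("base64", text))
    # Morse: dots, dashes and spaces, with every token in the table (Level 3).
    if re.fullmatch(r"[.\- ]+", s):
        tokens = s.split()
        if tokens and all(t in MORSE for t in tokens):
            found.append(("morse", "".join(MORSE[t] for t in tokens)))
    # ROT13: letters and underscores; it never fails, so it is offered last (Level 4).
    if re.fullmatch(r"[A-Za-z_]+", s):
        found.append(("rot13", codecs.decode(s, "rot_13")))
    return found


def best_guess(value, marker="flag"):
    """Return the (encoding, text) whose text contains marker, or the input itself if it already does."""
    if marker in value.lower():
        return ("plain", value.strip())
    candidates = try_decodings(value)
    for enc, text in candidates:
        if marker in text.lower():
            return (enc, text)
    return candidates[0] if candidates else None


# Inputs quoted in the writeups. The Level 4 value is constructed by applying ROT13 to the
# flag the post reports, because the post does not quote the cookie value itself.
SAMPLES = {
    "level7": "aW5mb3NlY19mbGFnaXNfeW91Zm91bmRpdA==",
    "level6": "696e666f7365635f666c616769735f736e6966666564",
    "level5": "".join("""
        01101001 01101110 01100110 01101111 01110011 01100101 01100011 01011111
        01100110 01101100 01100001 01100111 01101001 01110011 01011111 01110011
        01110100 01100101 01100111 01100001 01101100 01101001 01100101 01101110
        01110011""".split()),
    "level4": "VASBFRP_SYNTVF_JRYBIRPBBXVRF",
    "level3": ".. -. ..-. --- ... . -.-. ..-. .-.. .- --. .. ... -- --- .-. ... .. -. --.",
    "level2": "aW5mb3NlY19mbGFnaXNfd2VhcmVqdXN0c3RhcnRpbmc=",
}


def solve_all():
    """Run best_guess over every sample; returns {level: (encoding, decoded_text)}."""
    return {name: best_guess(value) for name, value in SAMPLES.items()}


if __name__ == "__main__":
    for level, result in solve_all().items():
        print(level, result)
```

Two details carry the weight here. The alphabet checks overlap (a binary string is also valid hex, and a 44-character hex string is also a valid base64 length), so each candidate is kept only if the decoded bytes are printable ASCII; and ROT13 can "decode" any alphabetic string, which is why it is offered last and why best_guess prefers the candidate that actually contains the flag marker.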
n00bz Level 1
When we first enter level 1, it shows us Yoda with the following text: "May the source be with you!".
The hint in this case is simply to look at the page source.
There we have it, the flag is "infosec_flagis_welcome".
A list of publicly available pcap files / network traces that can be downloaded for free
Compiled list of pcap files mainly used for CTF.
Compiled list of sample pcap files.
Infosec Institute CTF
Infosec Institute provides an entry-level CTF for beginners to learn and play.
The first one is n00bz while the second is Practical Web Hacking. In the next few posts, I will be writing on the methods I used to solve the exercises. Regardless, these are some of the sample writeups to the exercises that fellow players have shared:
1. http://resources.infosecinstitute.com/n00bs-ctf-labs-solutions/#article
2. http://cmattoon.com/infosec-institute-ctf-level-4/
3. http://kectf.blogspot.sg/2015/03/n00bs-ctf-labs.html
4. http://shellnux.in/2015/03/level-6/
CTF or Capture the Flag is a traditional competition or war game in any hacker conferences like DEFCON, ROOTCON, HITB and some hackathons. CTF games are us
Compiled resources of tools to download for the respective analysis of vulnerabilities and the different sources of CTF available.