Attack Analysis: Difference between revisions
From Pessin randon wiki
Created page with "===Description=== There was an attack against the web server. Directory and basic auth brute forcing occurred. 100pts ===Question=== Analyze the packet capture file to find out whitch user had a weak password that allowed the hackers to authenticate. Password is the flag. ===Solution=== I only used a very lazy, but in this case effective, solution to this problem. Since I knew that the answer was likely to be in ctftech format I just manually searched for login attempt..." |
No edit summary |
||
| Line 1: | Line 1: | ||
[[File:Attack-task-flagh.PNG|thumb|Task + flag]] | |||
[[File:Attack-wireshark.png|thumb|Wireshark packet]] | |||
===Description=== | ===Description=== | ||
There was an attack against the web server. Directory and basic auth brute forcing occurred. | There was an attack against the web server. Directory and basic auth brute forcing occurred. | ||
Latest revision as of 10:58, 30 September 2022
Description
There was an attack against the web server. Directory and basic auth brute forcing occurred.
100pts
Question
Analyze the packet capture file to find out whitch user had a weak password that allowed the hackers to authenticate.
Password is the flag.
Solution
I only used a very lazy, but in this case effective, solution to this problem. Since I knew that the answer was likely to be in ctftech format I just manually searched for login attempts. I did a whireshark search filtered by the http.authorization parameter. I then quickly just scrolled through the packages until I found the right package.
Tools
- Wireshark
Flag
ctftech{passwords-r-weak}
