Main public logs

Combined display of all available logs of Pessin randon wiki. You can narrow down the view by selecting a log type, the username (case-sensitive), or the affected page (also case-sensitive).

• 13:41, 13 October 2022 Exf talk contribs created page File:Exiftool-task.PNG
• 13:41, 13 October 2022 Exf talk contribs uploaded File:Exiftool-task.PNG
• 13:41, 13 October 2022 Exf talk contribs created page File:Exiftool-flag.PNG
• 13:41, 13 October 2022 Exf talk contribs uploaded File:Exiftool-flag.PNG
• 13:40, 13 October 2022 Exf talk contribs created page File:Netcat.PNG
• 13:40, 13 October 2022 Exf talk contribs uploaded File:Netcat.PNG
• 13:40, 13 October 2022 Exf talk contribs created page File:Metasploit2.PNG
• 13:40, 13 October 2022 Exf talk contribs uploaded File:Metasploit2.PNG
• 13:40, 13 October 2022 Exf talk contribs created page Nexif (Created page with "===Description=== Test the security of this online Exiftool service. ===Question=== Can you find the vulnerability and exploit it? Can you find the flag from the home folder. ===Solution=== Since the mission description talks about vulnerability and exploits. It is thereforce worth looking to see if there are ready exploits in Metasploit. I started the Metasploit and searched for exiftools as a keyword and immediately found an interesting exploit. <code>ExifTool DjVu...") Tag: Visual edit: Switched
• 13:28, 13 October 2022 Exf talk contribs created page File:Metasploit1.PNG
• 13:28, 13 October 2022 Exf talk contribs uploaded File:Metasploit1.PNG
• 13:15, 13 October 2022 Exf talk contribs created page File:000-config.PNG
• 13:15, 13 October 2022 Exf talk contribs uploaded File:000-config.PNG
• 11:48, 30 September 2022 Exf talk contribs created page File:Plog-flag.PNG
• 11:48, 30 September 2022 Exf talk contribs uploaded File:Plog-flag.PNG
• 11:47, 30 September 2022 Exf talk contribs created page File:Blog-task+flag.png
• 11:47, 30 September 2022 Exf talk contribs uploaded File:Blog-task+flag.png
• 11:35, 30 September 2022 Exf talk contribs created page File:User-audit-flag.PNG
• 11:35, 30 September 2022 Exf talk contribs uploaded File:User-audit-flag.PNG
• 11:35, 30 September 2022 Exf talk contribs created page File:User-audit-task.PNG
• 11:35, 30 September 2022 Exf talk contribs uploaded File:User-audit-task.PNG
• 11:24, 30 September 2022 Exf talk contribs created page File:Top-secret-task.PNG
• 11:24, 30 September 2022 Exf talk contribs uploaded File:Top-secret-task.PNG
• 11:19, 30 September 2022 Exf talk contribs created page Top-Secret (Created page with "===Description=== Management found out that the highly sensitive and top secret documents are accessible to all! They must be hidden ASAP! 150pts ===Task=== You must protect this apache web server with authentication! Configure basic authentication to protect the page Use these credentials for auth: Username: mulder Password: Scully-th3-b3st! SSH Access: Hostname: target.... Username: user Password: Cool2Pass ===Solution=== The first thing I did was to make a...")
• 11:04, 30 September 2022 Exf talk contribs created page File:Crackstation-password-dump.PNG
• 11:04, 30 September 2022 Exf talk contribs uploaded File:Crackstation-password-dump.PNG
• 11:03, 30 September 2022 Exf talk contribs created page File:Password-dump-task.PNG
• 11:03, 30 September 2022 Exf talk contribs uploaded File:Password-dump-task.PNG
• 11:03, 30 September 2022 Exf talk contribs created page Password dump (Created page with "===Description=== Our username and password database was breached. Luckily all the passwords were hashed. *Different hashes - check image *Different hashes - check image *Different hashes - check image 70pts ===Question=== Would it still be possible to recover a password for some users? For the flag, post the recovered password ===Solution=== I recognised that it is probably an MD5 hash, which is crackable. However, I decided to try a crackstation website with a data...")
• 10:57, 30 September 2022 Exf talk contribs created page File:Attack-wireshark.png
• 10:57, 30 September 2022 Exf talk contribs uploaded File:Attack-wireshark.png
• 10:57, 30 September 2022 Exf talk contribs created page File:Attack-task-flagh.PNG
• 10:57, 30 September 2022 Exf talk contribs uploaded File:Attack-task-flagh.PNG
• 10:57, 30 September 2022 Exf talk contribs created page Attack Analysis (Created page with "===Description=== There was an attack against the web server. Directory and basic auth brute forcing occurred. 100pts ===Question=== Analyze the packet capture file to find out whitch user had a weak password that allowed the hackers to authenticate. Password is the flag. ===Solution=== I only used a very lazy, but in this case effective, solution to this problem. Since I knew that the answer was likely to be in ctftech format I just manually searched for login attempt...")
• 10:50, 30 September 2022 Exf talk contribs created page File:Hacked-database.png
• 10:50, 30 September 2022 Exf talk contribs uploaded File:Hacked-database.png
• 10:50, 30 September 2022 Exf talk contribs created page File:Hacked-gobuster.PNG
• 10:50, 30 September 2022 Exf talk contribs uploaded File:Hacked-gobuster.PNG
• 10:50, 30 September 2022 Exf talk contribs created page File:Hacked-task.PNG
• 10:50, 30 September 2022 Exf talk contribs uploaded File:Hacked-task.PNG
• 10:49, 30 September 2022 Exf talk contribs created page Hacked (Created page with "===Description=== This web server was defaced by hackers. They made some modification on the system. ===Question=== Admin was able to see from the logs that a SQL database dump was made. Can you find it? Maybe this helps you forward with this incident analysis. ===Solution=== Since we were asked to search for SLQ database dump it makes sense to use gobuster here as well. The command <code>gobuster dir -u [url] -w /usr/share/wordlist/dirbuster/directory-list-2.3-medium....")
• 10:40, 30 September 2022 Exf talk contribs created page File:Three-hils-zap.PNG
• 10:40, 30 September 2022 Exf talk contribs uploaded File:Three-hils-zap.PNG
• 10:40, 30 September 2022 Exf talk contribs created page File:Tree-hills-task+flag.PNG
• 10:40, 30 September 2022 Exf talk contribs uploaded File:Tree-hills-task+flag.PNG
• 10:40, 30 September 2022 Exf talk contribs created page The Tree Hills (Created page with "===Description=== The Tree Hills is worried that some of their data might have been leaked. They need your help to check it out. 100pts ===Question=== Find the flag from /etc/passwd ===Solution=== This was a really straightforward flag, as using the OWASPZAP tool you got a direct response with its auto-attack. ===Tools=== * ZAP ===Flag=== <code>ctftech{d60bac914-4209}</code> ===Links=== * Back to CTF Challenges page")
• 10:35, 30 September 2022 Exf talk contribs created page File:Healt-check Flag.PNG
• 10:35, 30 September 2022 Exf talk contribs uploaded File:Healt-check Flag.PNG
• 10:35, 30 September 2022 Exf talk contribs created page File:Healt-check Gobuster.PNG
• 10:35, 30 September 2022 Exf talk contribs uploaded File:Healt-check Gobuster.PNG