Main public logs
From Pessin randon wiki
Combined display of all available logs of Pessin randon wiki. You can narrow down the view by selecting a log type, the username (case-sensitive), or the affected page (also case-sensitive).
- 15:14, 13 October 2022 Exf talk contribs created page File:Ssh-wget.PNG
- 15:14, 13 October 2022 Exf talk contribs uploaded File:Ssh-wget.PNG
- 15:14, 13 October 2022 Exf talk contribs created page File:Ssh-Task.PNG
- 15:14, 13 October 2022 Exf talk contribs uploaded File:Ssh-Task.PNG
- 15:13, 13 October 2022 Exf talk contribs created page SSH-Harden (Created page with "===Description=== During regular system audits, it was dicovered that one of the systems does not meet the organization security baseline. Thereforce this system must be hardened. 200pts ===Question=== Harden the SSH configuration so that it meets the baseline. *Make sure that root login is disabled *Disable password authentication Add this [public key] so that the user: sysadmin is able to log in with their [private key] ===Solution=== To be on the safe side, I initi...")
- 13:59, 13 October 2022 Exf talk contribs created page File:Encoded-flag.PNG
- 13:59, 13 October 2022 Exf talk contribs uploaded File:Encoded-flag.PNG
- 13:58, 13 October 2022 Exf talk contribs created page File:Encoded-task.PNG
- 13:58, 13 October 2022 Exf talk contribs uploaded File:Encoded-task.PNG
- 13:58, 13 October 2022 Exf talk contribs created page Encoder (Created page with "===Description=== This web application allows you to use coding utility to encode and decode base64 100pts ===Question=== Investigate the application, exploit the vulnerability and read the flag from /var/backup/secret.txt ===Solution=== First, I ran a vulnerability scan on the website with the ZAP tool. Unfortunately, nothing was found. Next I tried to enter all kind of commands to both decoder and encoder sides. I realized that especiality I got errors from decoding...")
- 13:41, 13 October 2022 Exf talk contribs created page File:Exiftool-task.PNG
- 13:41, 13 October 2022 Exf talk contribs uploaded File:Exiftool-task.PNG
- 13:41, 13 October 2022 Exf talk contribs created page File:Exiftool-flag.PNG
- 13:41, 13 October 2022 Exf talk contribs uploaded File:Exiftool-flag.PNG
- 13:40, 13 October 2022 Exf talk contribs created page File:Netcat.PNG
- 13:40, 13 October 2022 Exf talk contribs uploaded File:Netcat.PNG
- 13:40, 13 October 2022 Exf talk contribs created page File:Metasploit2.PNG
- 13:40, 13 October 2022 Exf talk contribs uploaded File:Metasploit2.PNG
- 13:40, 13 October 2022 Exf talk contribs created page Nexif (Created page with "===Description=== Test the security of this online Exiftool service. ===Question=== Can you find the vulnerability and exploit it? Can you find the flag from the home folder. ===Solution=== Since the mission description talks about vulnerability and exploits. It is thereforce worth looking to see if there are ready exploits in Metasploit. I started the Metasploit and searched for exiftools as a keyword and immediately found an interesting exploit. <code>ExifTool DjVu...") Tag: Visual edit: Switched
- 13:28, 13 October 2022 Exf talk contribs created page File:Metasploit1.PNG
- 13:28, 13 October 2022 Exf talk contribs uploaded File:Metasploit1.PNG
- 13:15, 13 October 2022 Exf talk contribs created page File:000-config.PNG
- 13:15, 13 October 2022 Exf talk contribs uploaded File:000-config.PNG
- 11:48, 30 September 2022 Exf talk contribs created page File:Plog-flag.PNG
- 11:48, 30 September 2022 Exf talk contribs uploaded File:Plog-flag.PNG
- 11:47, 30 September 2022 Exf talk contribs created page File:Blog-task+flag.png
- 11:47, 30 September 2022 Exf talk contribs uploaded File:Blog-task+flag.png
- 11:35, 30 September 2022 Exf talk contribs created page File:User-audit-flag.PNG
- 11:35, 30 September 2022 Exf talk contribs uploaded File:User-audit-flag.PNG
- 11:35, 30 September 2022 Exf talk contribs created page File:User-audit-task.PNG
- 11:35, 30 September 2022 Exf talk contribs uploaded File:User-audit-task.PNG
- 11:24, 30 September 2022 Exf talk contribs created page File:Top-secret-task.PNG
- 11:24, 30 September 2022 Exf talk contribs uploaded File:Top-secret-task.PNG
- 11:19, 30 September 2022 Exf talk contribs created page Top-Secret (Created page with "===Description=== Management found out that the highly sensitive and top secret documents are accessible to all! They must be hidden ASAP! 150pts ===Task=== You must protect this apache web server with authentication! Configure basic authentication to protect the page Use these credentials for auth: Username: mulder Password: Scully-th3-b3st! SSH Access: Hostname: target.... Username: user Password: Cool2Pass ===Solution=== The first thing I did was to make a...")
- 11:04, 30 September 2022 Exf talk contribs created page File:Crackstation-password-dump.PNG
- 11:04, 30 September 2022 Exf talk contribs uploaded File:Crackstation-password-dump.PNG
- 11:03, 30 September 2022 Exf talk contribs created page File:Password-dump-task.PNG
- 11:03, 30 September 2022 Exf talk contribs uploaded File:Password-dump-task.PNG
- 11:03, 30 September 2022 Exf talk contribs created page Password dump (Created page with "===Description=== Our username and password database was breached. Luckily all the passwords were hashed. *Different hashes - check image *Different hashes - check image *Different hashes - check image 70pts ===Question=== Would it still be possible to recover a password for some users? For the flag, post the recovered password ===Solution=== I recognised that it is probably an MD5 hash, which is crackable. However, I decided to try a crackstation website with a data...")
- 10:57, 30 September 2022 Exf talk contribs created page File:Attack-wireshark.png
- 10:57, 30 September 2022 Exf talk contribs uploaded File:Attack-wireshark.png
- 10:57, 30 September 2022 Exf talk contribs created page File:Attack-task-flagh.PNG
- 10:57, 30 September 2022 Exf talk contribs uploaded File:Attack-task-flagh.PNG
- 10:57, 30 September 2022 Exf talk contribs created page Attack Analysis (Created page with "===Description=== There was an attack against the web server. Directory and basic auth brute forcing occurred. 100pts ===Question=== Analyze the packet capture file to find out whitch user had a weak password that allowed the hackers to authenticate. Password is the flag. ===Solution=== I only used a very lazy, but in this case effective, solution to this problem. Since I knew that the answer was likely to be in ctftech format I just manually searched for login attempt...")
- 10:50, 30 September 2022 Exf talk contribs created page File:Hacked-database.png
- 10:50, 30 September 2022 Exf talk contribs uploaded File:Hacked-database.png
- 10:50, 30 September 2022 Exf talk contribs created page File:Hacked-gobuster.PNG
- 10:50, 30 September 2022 Exf talk contribs uploaded File:Hacked-gobuster.PNG
- 10:50, 30 September 2022 Exf talk contribs created page File:Hacked-task.PNG
- 10:50, 30 September 2022 Exf talk contribs uploaded File:Hacked-task.PNG
