Category: AdventOfCyber2

On our final day it seems that Santa has given us a present!  I love early Christmas gifts.  We have been given a computer and we need to hack our way in!  How fun! As always let’s start off by scanning the machine with Nmap. nmap -p- -sV -T4 –reason 10.10.143.180 Looks like we have READ MORE

Bad news the Grinch seems to have gotten ransomware into the Best Festival Company’s network!  We will need to do some investigation on the infected machine.  For this we will use Remmina again to login to the desktop In a terminal type remmina On the window that pops up click on the 3 dots on READ MORE

For this task we will need to uncover some passwords.  It seems that McEager is not able to access is password manager.  Password managers are great solution to store all your passwords, and makes it easy to have complex passwords for individual sites.  You just need to remember you master key and then you can READ MORE

Today we will be doing some ELForensics.  It looks like someone replaced the database connector and the naughty list is gone! Now let’s log into the machine.  Enter remmina into your terminal, this will open the remote desktop client, then enter your IP address, hit enter, and his accept certificate. Remember to fix the resolution READ MORE

Looks like today we will be using PowerShell to discover the hidden stockings.  Let’s remote into the machine using SSH. ssh -l mceager 10.10.178.103 when prompted enter the password of r0ckStar! We are dropped into a Windows machine command prompt.  Since this is a PowerShell challenge run powershell.exe.  This will drop us into a PowerShell READ MORE

On this task we need to discover what Santa’s password is.  We have a website that will tell us whether or not we are on the naughty list.  From here we can create a special URL in order to gain access to the password.  First let’s start off by scanning the host. nmap -p- -sV READ MORE

Today we are going to do some more reverse engineering.  We will be using ILspy to decompile the code of the TBFC_APP.  Our goal is to discover the password and then log into the application.  Once we login, we will be given the flag. First we need to install a remote desktop client for our READ MORE

On this task we will be doing some reverse engineering!!  We will be taking compiled code and turning it back into the basic code for the assembly instructions.  These instructions are specific to processors, which is why you can’t run a 64-bit binary on a 32-bit processor.  The good thing is that you can still READ MORE

Alright it looks like Santa’s Sled has an API we can use to determine his location.  We need to discover the web server and then find the right API key.  It’s an odd number between 0 and 100, the other issue is after so many attempts, our IP address will be banned. First let’s start READ MORE

Looks like for this challenge we will be using some Python3.  Make sure you have python 3 installed.  Since I am on a Linux machine I can just run python3 to verify. Python is a really powerful language.  You can use it to automate various tasks or create your own exploits.  Once you get the READ MORE