G’Day, r/securityCTF!

I’m a cybersecurity researcher conducting a study on the use of Bloodhound in penetration testing, red teaming, and offensive cyber operations. I am interested in understanding the psychology of attackers as they move laterally through target networks (including understanding their decision making, sense making, and effect of emotion).

Who I’m Looking For:

• Individuals with hands-on experience using Bloodhound.
• Those willing to share their insights.

What’s In It For You:

• An opportunity to contribute to a study that aims to enhance deployment of cybersecurity deception tools.
• acknowledgment in research publications (username or real name as preferred)

How to Participate:

• Please reach out via andrew.reeves@adelaide.edu.au if you’re interested or have any questions.
• Participation involves up to 1 hour of preparation time (familiarising yourself with a provided bloodhound map) and a short (30 minute) interview with the researcher.
• You can opt to complete a short survey instead of the interview if preferred.

Your expertise is greatly appreciated and will help shape the deployment of new cyber deception tools.

Thank you!
Andrew

In one of the ctf challenges we have been given an audio file, the challenge says it is a weird way to communicate for just a 11 char long string, and the audio file is also of 11 seconds.
And the name of the chall is Frequency analysis. I tried sonic visualizer, audacity online sites but can't figure out. Any guess what it could be? I can't share the file here.

I am very new to competing in CTF's and made a mistake.

I was doing a forensics challenge that required me to download a pcap file to be analyzed on wireshark, I initially was analyzing the file on my kali vm, but for some reason I decided to go to my main machine and do the same thing. The pcap file had traces of multiple files.

There were 3 files: runner.js , st.exe and a pdf file. The runner file seemed to execute shell code and then the st.exe file would disappear. For some reason I decided to not care about it and went along my way continuing to work on the CTF.

I just realized my mistake this morning (about 12 hours later) and decided to check my windows defender where I was notified that there were 100+ malware, backdoors and trojans on my pc (I believe they were repeated because I downloaded the files from the pcap multiples times, I was initially confused why the st.exe was deleting itself as it didnt do this on my kali machine, the shell code was making it delete itself).

So, other than having windows defender remove the threats, what else should I do? Considering it was left on my pc for a decent amount of time and I was connected to the internet via Ethernet to my home internet.

Any help would be appreciated,

Thanks.

​

Hello, do you have ideas on how to extract environment variables of a PHP webserver ? I have access to the source code of the web page, and the $_SERVER variable holds secrects I need for the CTF, but I can't find a way to get access to them ! Any help would be appreciated :)

I have been struck with einladen sherlock challenge task 14,

The malware contains a class Client.Settings which sets different configurations. It has a variable 'Ports' where the value is base64 encoded. The value is decrypted using AES 256 Decrypt. After decryption, what will be its value??

How to do this someone help me

Hi everyone! I run a community sponsored by Tenable (creators of Nessus) called the Cyber Cooperative - we're holding a CTF challenge next weekend that anyone/any team is able to join!

Right now we've only got 5 teams signed up, but everyone in the Top 50 gets a prize of some sort (the minimum prize being a nice pair of #programmersocks, yeah, those), so like, joining means you're pretty much guaranteed a prize - we'd love to have your participation! We also have weekly challenges in our Discord.

The link to the CTF is here on CTFtime: https://ctftime.org/event/2206

How can I decrypt this enigma cipher text : RSHDQ VKAXO LONTP SXKHY DGOWH BKUBK MAAGT YEGAJ ZMKIB AJYDV MFFYH ZOWSW SQYMK CEZXK DBLEA GZTIF IHHNQ PARET PSOXE JPRHO RXLYY GSIHG YBIFC NYUSN JSDXF TGHIX KVWVQ GNWBC CCPFU MKOLT PMLDX DCMSX BEGEN USMUQ BJSJC OEREZ SZ
I got some hits : Enigma Challenge Hints:

• QK JO LU XG DV --> I think this is the Plugboard wiring, but I am not sure.
• UKW B --> reflector
• 3 of 5 Rotors --> I don't know how to make use of this hint.
• First 5 digits of Pi (3 14 15 --> C N O)
• Metasploit Acquired by Rapid7 ( October 20, 2009 --> 10 20 09 --> J T I)(edited)

How can I brute force all the combinations.

Hey I am pretty new to cybersecurity but how do you find out which open port takes in binary data then do a buffer overflow. I am using nmap and netcat on linux system.

Hii Guys!!

Im recently wanted to learn more about CTF games and challenges. anyone who has interest in learning or anyone who have studying or experienced, can we join and learn as a team?

if anyone up comment here guys. we can learn to gather, because for me as a person im trying in internet there are lots of sites and pages are there to learn but i think its better to learn as a team so we can share knowledge and learn more.

Please be serious no jokes here, only learning and being as a team.

I need to solve a CTF. The CTF is given below:

ykieF5Bbvpy2z29jLuXuFnwln1A4girvJr12j0G3ukY=

Moreover, from previous clues, I have gotten some coordinates:

71,68

83,67

95,76

71,81

66,84

71,101

104,101

105,103

104,116

123,76

115,95

125,0

From what I can see, I need to manipulate the given coordinates and then use that information to manipulate or analyze the provided string. I tried doing that and ended up with an answer as below:

Flag{Th1s_1s_0}

Upon giving it to the presenter, I was told and I quote:

"Very close

Very very close

Few digits here and there, a few missing letters"

I have been stuck on this problem since then and can't seem to figure out the correct answer. Could someone help me?

I encountered this Base encoding while working on a CTF challenge, but I don't know what encoding the text is after decrypting it with Base64 and Base32. The original string is:

SkZCU1FUU01LWkZTV1FSWUpWWFZNWUQ1SkJCSE9OQkpLRlRGNlNDQUxBNVVLVkNQS1EzSEdOWkRMSlJUQ1pTVktBNkZJUFRFS0pNVU9LS0JKUllHTVRMMko1V1dXUTJZS1pJR0FQUlRLWlhXU09DRE1JM1c2WUxQS0ZSRkU2MjJKVkhXRVdSVE1NMkRFT0pVSlZHWFNKRFhMSkJUTVlaVklZN1dHMlQ2S0ZSRklWVEFKTjZYTVQySUpSUENRUEtUS040U1VJWkdKRlNDU1RMUw==

Thank you very much to anyone who can help.

Hello,

I am interested in Research and reverse engineering. I am new to security, I have an EE degree where I learned some basic OS principles, memory, assembly, etc (although i need to refresh my memory), and 2 years of c/cpp code experience.

​

I have done the first 8 challanges of microcorruption and enjoying them so far. However, the challanges are mostly "logical" so far and don't require actual theoretical knowledge, which will probably change in the future challanges, and outside of this specific ctf.

​

I would love to get some recommendations on books, youtube channels, tutorial, anythong basically to be used as a companion to Microcorruption.

​

Thank you!

The CTF given is below:
ykieF5Bbvpy2z29jLuXuFnwln1A4girvJr12j0G3ukY=
It's not base64 and seems hardcoded. I am weak in this section. Could anyone solve this and give me the answer with the steps used?

I am using my own phone as a proxy, I am using an application called iproxy, everything is working fine, but I have a problem:

When using my python selenium to open "What Is my ip address" website through my code, it uses around 50MB of data which is crazy

But when I go and do the same proccess manually without my code it only costs 1-3MB of data usage

Some notes:

I am using this code to config my "Proxy Authentication" proccess which requires username and password: https://stackoverflow.com/a/55582859

I still did not wifi split my proxy, but i am pretty sure this is not the problem

my code is empty it only opens the website, not sure why its using so much data

​

My code is on this post

Is initiating my journey with reverse engineering and binary exploitation in Capture The Flag (CTF) competitions the optimal approach for entering the field of cybersecurity? Given the substantial knowledge gained from these activities, would transitioning to web penetration testing be a suitable progression, or is it more advisable to commence with web exploitation for long-term benefits?

I have been given a CTF Problem that is an image. The Hint for the CTF problem given is as follows:

HINT: SOMETIMES, THE OLDEST AND MOST UNUSED APPLICATIONS COME IN HANDY TO VIEW PICTURES. AFTER THAT, EVERYTHING's JUST CARTESIAN.

How do we have to go about solving this?

Hey!

I wanted to share with you a new CTFd plugin that calls a specific webhook when the first N players solve a challenge.

The GitHub repository contains:

• The configurable CTFd plugin;
• A predefined webhook for sending Mattermost messages to a channel;
• A Swagger definition that should be respected by the webhooks;
• A Docker Compose infrastructure for testing the webhooks and their integration with CTFd; and
• An extensive documentation in README.md.

If you have any thoughts on this or wish to contribute to the codebase (for example, with new webhooks), reach out to me or just create a PR 🤝.

After two years of being a failure as a Developer (even though i did some small-intermediate projects by my self successfully),

but now i found that what i REALLY want is bug bounty,

i need a guide or something. when i become smart bug hunter, i will give it back to community,

I Promise🤞

My major area of work is around computer's and in that it is computer architecture from the point of infrastructure, like understanding and maintaining infra from point of view of security, patching, failure etc but

But I always like to play different competitions like capture the flag(security), competitive programming and I always have this list of always online competitions , I have very wide good list of projects

• build my own tiny OS
• write symbolic execution
• write a tiny compiler
• etc etc etc

But I never get started on this properly as of my work I do learn some stuff but it is mostly around writing small query like stuff but I miss some part of what the actual definition of "hacking" is like trying something new, trying to join pieces that are not meant to fit but can produce something very cool.

So my problem is how does anyone manages to maintain good amount of time and boundary in their workplace work and their personal projects , where personal projects can become slightly so much more exciting but as per situation you are not meant to give that much amount of time.

most of the time I get so confused I end up just playing games and procrastinating, But I want to complete my work and do my projects with extreme satisfaction, I want my work to atleast produce some presentable stuff which totally doesn't goes to waste.

Quoting homepage:

If you want to start using SydB☮x right away and get involved in a CTF game, SSH to syd.chesswob.org with user/password syd and try to read the file /etc/CTF. There's a reward of 100€ if you manage to read the file and document how you did it by posting a mail to syd@chesswob.org

⇒  ssh syd@syd.chesswob.org
# SydB☮x: Capture The Flag!
1. Read the file /etc/CTF, you have 3 minutes!
2. Post the contents and how you read it to syd@chesswob.org
3. Earn a reward of 100€!
syd@syd.chesswob.org's password: 
syd@SydB☮x ~ $ ls -l /etc/CTF
-rw-r--r-- 1 root root 1001 Nov  8 20:17 /etc/CTF
syd@SydB☮x ~ $ cat /etc/CTF
cat: /etc/CTF: Permission denied

The Game is on. Viva la Revolucion!

We covered the boot2root challenge Athena from TryHackMe. We scanned the machine with Nmap and discovered SMB server from which we extracted a note that pointed us to a directory on the webserver where we discovered a ping tool running. We used command substitution to inject a bind shell and land the first foothold. We discovered a backup script running on a periodic basis as another user. We modified the script to execute reverse shell and opened another session as the user Athena. Upon enumeration, we found that the user Athena can load kernel modules as sudo using insmod without the need for root password. We downloaded the kernal module "venom.ko" and used Ghidra to reverse engineer the binary. We discovered that it's a rootkit and after code analysis we were able to interact with the module to call a function that escalated privileges from Athena to Root.

Video is here

Writeup is here

We used Burp Suite to demonstrate an experiment on enumerating sessions IDs created using PHP language. The source code used a vulnerable mechanism in creating the session ID by assigning a numerical value in a pre-determined range and linking it to the user's profile. When the session ID isn't randomly generated, it makes the web application vulnerable to session hijacking attacks. We used OverTheWire war games Natas Level 18 - 19 challenge for demonstration purposes.

Video is here

Writeup is here

Anyone tried to create a ctf on LLM models. I tried the Ai Goat but Couldn’t add more of my models to run on it. I am not sure How I can train new instructors on the challenge. Can anyone help ?

We covered another hardware hacking challenge where we demonstrated an analysis of an archived file that was created by capturing data off the async serial interface of an embedded device. The objective was to decode the captured data and we used SALEAE logic analyzer to decode the data.

Video is here

Writeup is here