Got slow portscans on CTF’s?

Aaaaaargh, my port scan take forever to complete! Heard that one before? You should have, it is a common complaint often heard between CTF rookies. Today we are looking into some ways to mitigate slow scans. Nmap When looking at the various complaints, Nmap seem to be the culprit. Gamers bash it for being slow […]

Read More Got slow portscans on CTF’s?

Trollcave 1.2 – walkthrough

Trollcave is a vulnerable VM, in the tradition of Vulnhub and infosec wargames in general. You start with a virtual machine which you know nothing about – no usernames, no passwords, just what you can see on the network. In this instance, you’ll see a simple community blogging website with a bunch of users. From […]

Read More Trollcave 1.2 – walkthrough

Notes on making CTF games

Some time ago I wrote a post named “unofficial guide to creating CTF VMs“. Since then I have been approached by random people, students I mentor and colleagues asking how to make that virtual machine vulnerable. Well, I never intended that post to reveal that. It was simply left as an exercise to the readers. Today I […]

Read More Notes on making CTF games

billu b0x – walkthrough

Welcome to another segment in my Vulnhub series! Today I am focusing on the billu: b0x CTF game hosted on Vulnhub. The game description didn’t say much, just that it runs standard LAMPP and the mission is to gain ROOT access. Well, then – let’s get cracking! Investigation Finding Target and Services Finding the Target: […]

Read More billu b0x – walkthrough

Proteus V1 – Walkthrough

Welcome to another segment in my Vulnhub series! Haven’t had much time to focus on these lately due to work – but I managed to squeeze in some time over the last few weeks to play with the Proteus game. So here it is! Description from Vulnhub: “An IT Company implemented a new malware analysis […]

Read More Proteus V1 – Walkthrough

DonkeyDocker 1 – Walkthrough

This writeup covers the Vulnhub CTF game DonkeyDocker 1 (2017), which might be the most interesting game I have played this year. In this game players are to play with Docker – a task that lies close to my heart since I love this technology. Although I am bit rusty on it ever since I […]

Read More DonkeyDocker 1 – Walkthrough

Ew_Skuzzy 1 – walkthrough

Today I am sharing my work log for the “Ew_Skuzzy: 1” CTF game. This game was released only recently, on the 17th of March 2017. As of time of writing, there haven’t been much information released about it. That adds another dimension to solving it and suits me fine. As always I have based my […]

Read More Ew_Skuzzy 1 – walkthrough

Wallaby’s Nightmare – Walkthrough

This segment of my Vulnhub series covers my walkthrough for the “Wallaby’s Nightmare (v1.0.2)” game. Finding Host and uncover services As always, I began finding the address of the game: Command sudo nmap -sn In my case, target got assigned IP address Then moved on uncovering services: Command sudo nmap -p1-65535 -A -T4 […]

Read More Wallaby’s Nightmare – Walkthrough

USV: 2016 (v1.0.1) – Walkthrough

This segment of my Vulnhub series covers my walkthrough for the “USV: 2016 (v1.0.1)” game. There are 7 flags to discover in the form of: Country_name Flag: [md5 hash]. Prephase Finding Host As always I started out finding the address of the CTF game: In my case, the IP was IP Service Scan Next […]

Read More USV: 2016 (v1.0.1) – Walkthrough