https://tariqbaater.github.io/tags/ctf/ Recent content in Ctf on Tariq Baater Hugo en Mon, 23 Dec 2024 00:00:00 +0000 https://tariqbaater.github.io/posts/2024/bandit-writeup/ Mon, 23 Dec 2024 00:00:00 +0000 https://tariqbaater.github.io/posts/2024/bandit-writeup/ <p>Bandit is the best starting point for anyone new to wargames. It teaches you the Linux command line through increasingly tricky challenges. Here’s my walkthrough. bandit0# This one is easy — the password is in the readme file. cat readme</p> <p>bandit1# To read files with special characters as the name, prepend ./: cat ./-</p> <p>bandit2# To read files with spaces, quote the filename: cat 'spaces in this filename'</p> <p>bandit3# Use ls -la to see hidden files and directories: ls -la inhere/</p> https://tariqbaater.github.io/posts/2024/leviathan-writeup/ Mon, 23 Dec 2024 00:00:00 +0000 https://tariqbaater.github.io/posts/2024/leviathan-writeup/ <p>Leviathan# The Leviathan wargame from OverTheWire tests basic Linux privilege escalation skills. Here’s my walkthrough. leviathan0# Use grep to find the password. leviathan1# Read the binary and trace with ltrace and strings. leviathan2# If you ltrace the binary printfile you will see it’s using the access() function — which is known for a TOCTOU (Time-of-check to time-of-use) vulnerability, mostly abused using symlinks. Check how the binary works: ltrace -f ./printfile filename</p> https://tariqbaater.github.io/posts/2024/mr-robot-writeup/ Sat, 30 Nov 2024 00:00:00 +0000 https://tariqbaater.github.io/posts/2024/mr-robot-writeup/ <p>This is the writeup for the Mr Robot CTF challenge on TryHackMe. Solution# First we start by enumerating the ports: nmap -p- -Pn -T4 <IP> | tee ports.txt</p> <p>Then we run the nmap script to find more information on the ports discovered: nmap -sC -sV -p <PORT> -T4 <IP> | tee ports.txt</p> <p>It is good practice to run a gobuster scan to find directories while busy enumerating the box further: gobuster dir -u <IP> -w /usr/share/dirbuster/wordlists/directory-list-2.3-medium.txt</p>