Collaborate Disseminate
I’m doing a capture-the-flag challenge (similar to HackTheBox) and I can’t figure it out despite looking at many workarounds how to solve my issue.
I did:
nmap –> got port 8080
firefox -> 10.10.40.122:8080 -> got Apache
msf6 use… Continue reading Payload uploaded but error : "no session was created"
I’m wondering why such tools as Nessus or OpenVAS don’t get used in CTFs. It’s always about the same NSE, nikto, etc. but never generic vulnerability scanners.
Continue reading Why don’t vulnerability scanners get used in CTFs? [closed]
I am new to the CTF. I’ve already solved a couple of different steganography tasks, but there is one that I just can’t figure out. So I’ve been given this image and flag is hidden there. All I know is that this flag starts with "ugra_… Continue reading Steganography image CTF question
I am doing a CTF and am trying to change the link so it can run a "flag" program. I was able to get the PHP source code as shown below. But I am stuck and I do not know how I should change the website link to get the flag.
http:/… Continue reading PHP Source Code CTF [closed]
In a brilliant write-up, [Stephen Tong] brings us his “Use-After-Free for Dummies“. It’s a surprising tale of a vulnerability that really shouldn’t exist, and a walkthrough of how to complete …read more Continue reading This Week in Security:Use-After-Free For Dummies, WiFi cracking, and PHP-FPM
This is the third part of a forensics challenge in a European CTF, and it is apparently the most difficult one because only three people flagged it among 700 participating.
I’m only here for guidance on what could be done and only want an … Continue reading Is it possible to create an NTFS partition having only the $MFT and $J tables ? Forensics CTF
http://ec521web.bu.edu/
This is the website made to be hacked. I need help figuring out how to go about getting these answers.
President Brown likes to browse terrierBook in his spare time. Can you retrieve President’s Brown secret token?… Continue reading Web Security CTF Guidance
I’m doing storm ctf.
I have a problem brute-forcing a zip file that contains the flag.
I use rockyou, big and common wordlist included in Kali Linux, but none of them contains the password!!!!
Is there a specific wordlist for CTF like this… Continue reading is there any general wordlist for CTF challenges? [closed]
I understand the crackme I am researching is from 2007, however this was the point in my life when I initially became interested in reverse engineering and wish to complete it for nostalgia sake. Following on from this question, I intend t… Continue reading Some introductory reverse engineering help on finding a string
I am doing a CTF challenge and I am at the last step. I used a login to get "your encrypted key is" blahblahblah. What do I do with this encrypted key to get the flag?