The team is composed of 0xBlank, Pezzz and Steels, check the About us section for more informations. On this website you will find articles about :
- Our path to pentest/red-team certifications
- HackTheBox and CTF writeup
- Presentation of homemade tools
- Miscellaneous articles
Latest articles:
Recon nmap scan 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 └─$ rustscan -a 10.10.11.166 -b 4000 -- -Pn -sV -A ssh-hostkey: | 2048 61:ff:29:3b:36:bd:9d:ac:fb:de:1f:56:88:4c:ae:2d (RSA) | ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAABAQC5Rh57OmAndXFukHce0Tr4BL8CWC8yACwWdu8VZcBPGuMUH8VkvzqseeC8MYxt5SPL1aJmAsZSgOUreAJNlYNBBKjMoFwyDdArWhqDThlgBf6aqwqMRo3XWIcbQOBkrisgqcPnRKlwh+vqArsj5OAZaUq8zs7Q3elE6HrDnj779JHCc5eba+DR+Cqk1u4JxfC6mGsaNMAXoaRKsAYlwf4Yjhonl6A6MkWszz7t9q5r2bImuYAC0cvgiHJdgLcr0WJh+lV8YIkPyya1vJFp1gN4Pg7I6CmMaiWSMgSem5aVlKmrLMX10MWhewnyuH2ekMFXUKJ8wv4DgifiAIvd6AGR | 256 9e:cd:f2:40:61:96:ea:21:a6:ce:26:02:af:75:9a:78 (ECDSA) | ecdsa-sha2-nistp256 AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBAoXvyMKuWhQvWx52EFXK9ytX/pGmjZptG8Kb+DOgKcGeBgGPKX3ZpryuGR44av0WnKP0gnRLWk7UCbqY3mxXU0= | 256 72:93:f9:11:58:de:34:ad:12:b5:4b:4a:73:64:b9:70 (ED25519) |_ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIGY1WZWn9xuvXhfxFFm82J9eRGNYJ9NnfzECUm0faUXm 25/tcp open smtp syn-ack Postfix smtpd |_smtp-commands: debian.localdomain, PIPELINING, SIZE 10240000, VRFY, ETRN, STARTTLS, ENHANCEDSTATUSCODES, 8BITMIME, DSN, SMTPUTF8, CHUNKING, 53/tcp open domain syn-ack ISC BIND 9.
DownUnderCTF - ogres are like onions DFIR - easy if you see this you have to post in #memes thems the rules
1 docker run -tp 8000:8000 downunderctf/onions hint
Author: emily
Write-up For this challenge if first took a look at the hint, which was nothing really helpful, at first I did not understood the link between onions and docker layers.
So I just ran the docker to start the challenge and it gives me a site with memes about shrek, so nothing intresting at first sight but it noticed that the last meme is not printed.
Recon nmap
1 2 3 4 5 6 7 └─$ rustscan -a 10.10.10.11 -b 2500 -- -T5 -Pn -sV -A PORT STATE SERVICE REASON VERSION 135/tcp open msrpc syn-ack Microsoft Windows RPC 8500/tcp open fmtp? syn-ack 49154/tcp open msrpc syn-ack Microsoft Windows RPC Service Info: OS: Windows; CPE: cpe:/o:microsoft:windows We face a Windows machine with only a rpc service and an unknown service on port 8500.
While browsing, I found that port 8500 as been assigned to Adobe ColdFusion.
Recon nmap
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 └─$ nmap -T5 -p- -sV -A -Pn 10.10.10.184 PORT STATE SERVICE VERSION 21/tcp open ftp syn-ack Microsoft ftpd | ftp-anon: Anonymous FTP login allowed (FTP code 230) |_02-28-22 07:35PM <DIR> Users | ftp-syst: |_ SYST: Windows_NT 22/tcp open ssh OpenSSH for_Windows_8.
SYNOPSIS Valentine is a very unique medium difficulty machine which focuses on the Heartbleed vulnerability, which had devastating impact on systems across the globe.
Recon nmap
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 └─$ nmap 10.10.10.79 -T5 -p- -sV -A -Pn Starting Nmap 7.92 ( https://nmap.org ) at 2022-09-15 12:53 CEST Warning: 10.10.10.79 giving up on port because retransmission cap hit (2).
Recon nmap
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 └─$ nmap 10.10.11.104 -T5 -A -sV -p- Starting Nmap 7.92 ( https://nmap.org ) at 2022-09-12 14:43 CEST Warning: 10.10.11.104 giving up on port because retransmission cap hit (2). Nmap scan report for 10.10.11.104 Host is up (0.034s latency). Not shown: 61881 closed tcp ports (conn-refused), 3652 filtered tcp ports (no-response) PORT STATE SERVICE VERSION 22/tcp open ssh OpenSSH 7.