writeup
-
Read more: Oauthbreaker – Hacker101 CTF – @lautarovculic
Difficulty: Moderate Skills: Android Flags: 2 Flag 1/2 The first thing that we need to do is download the .APK file and decompile with apktool ☝️🤓 apktool d oauth.apk And for recon, I’ll run MobSF and jadx-gui The target SDK is 28, then I will use my Android 9.0 with Genymotion. Install the .APK with…
-
Read more: Intentional Exercise – Hacker101 CTF – @lautarovculic
Difficulty: Moderate Skills: Android Flags: 1 Flag 1/1 First, we need wait until the APK is building. Download the .APK file. Decompile the .APK with apktool apktool d level13.apk The target SDK is 28 (Android 9.0). Then, install the APK with ADB to our Android Device, I use Genymotion. adb install level13.apk Open the app…
-
Read more: Codify – Hack The Box – @lautarovculic
User.txt Add the machine IP to /etc/hosts file Now it’s nmap time sudo nmap -sS –min-rate 5000 -n -Pn -T4 -vv 10.10.11.239 PORT STATE SERVICE REASON VERSION 22/tcp open ssh syn-ack ttl 63 OpenSSH 8.9p1 Ubuntu 3ubuntu0.4 (Ubuntu Linux; protocol 2.0) 80/tcp open http syn-ack ttl 63 Apache httpd 2.4.52 3000/tcp open http syn-ack ttl…
-
Read more: Analytics – Hack The Box – @lautarovculic
User.txt First we will configure the /etc/hosts file to be able to work. It’s time to see what the nmap scan says. We have port 22 and 80 open. Let’s take a look at what’s on the website. It seems that, as in most machines, the IP addresses the name, in this case, it redirects…
-
Read more: CozyHosting – Hack The Box – @lautarovculic
User.txt First, as usual, let’s configure our /etc/hosts file with the IP linked to the domain cozyhosting.htb After that, let’s do the recon scan with nmap. On port 80, we find the web page, which has a login. Let’s do a scan with dirb to find other directories and possible entry points. And we find…
-
Read more: Visual – Hack The Box – @lautarovculic
User.txt We note that the only open port is 80:HTTP After configuring as usual the /etc/hosts file, let’s take a look at the content of the web page, underneath, we find a functionality; which as it indicates, we can send a repository. But first, take a close look at the following message: Basically, a Git…
-
Read more: Keeper – Hack The Box – @lautarovculic
User.txt First we are going to configure the /etc/hosts file According to nmap, we have port 22 and 80 open. We see that keeper.htb redirects us to another page with a subdomain, we will also add it to /etc/hosts to be able to reach it. I tried enumerating with dirb, but to no avail. I…
-
Read more: Supermarket – Hack The Box – @lautarovculic
Difficult: Medium Category: Mobile OS: Android Description: My supermarket list is too big and I only have $50. Can you help me get the Discount code? Download the .zip and install the APK vía ADB. adb install -r supermarket.apk Reading the application code and taking into account the description of the challenge, apparently we have…
-
Read more: Micro-CMS v2 – Hacker101 CTF – @lautarovculic
Difficulty: Moderate Skills: Web Flags: 3 Flag 1/3 The /page/1 Say: This version fixed the multitude of security flaws and general functionality bugs that plagued v1. Additionally, we added user authentication; we’re still not sure why we didn’t think about that the first time, but hindsight is 20/20. By default, users need to be an…
-
Read more: SAW – Hack The Box – @lautarovculic
Difficult: Medium Category: Mobile OS: Android (SDK ≥ 29) Description: The malware forensics lab identified a new technique for hiding and executing code dynamically. A sample that seems to use this technique has just arrived in their queue. Can you help them? When you download the .zip file and extract them, we can see that…