BSides-Jeddah-CTF Writeups to the BSides Jeddah CTF – 2021 Situation – BSides Jeddah BSides Jeddah is coming up with a blueteam flavored CTF this year hosted by CyberDefenders. This will be a Jeopardy-style intermediate CTF with a few harder challenges, including network analysis, memory forensics, and malicious document analysis. To get latest updates, follow us on twitter @JeddahBsides , @CyberDefenders.
BSides-Jeddah-CTF Writeup to the BSides Jeddah CTF – 2021 Situation – BSides Jeddah BSides Jeddah is coming up with a blueteam flavored CTF this year hosted by CyberDefenders. This will be a Jeopardy-style intermediate CTF with a few harder challenges, including network analysis, memory forensics and malicious document analysis. To get the latest updates, follow us on twitter @JeddahBsides ,
Syncopated Beat Points 300 Description We know there’s a hidden message somewhere here, but none of our steg tools are able to reveal it. Maybe we need to think outside the box? It is a well-known fact that demons sometimes hide messages in music. Demons speak lyrics to the musicians, and the demons insinuate their evil messages into the song.
Spectres Points 450 Description We intercepted this image from a suspected insider threat at De Monne Financial. It looks like parts of the image were cut out, but based on conversations between DEADFACE and the insider, we believe DEADFACE’s wallet address is hidden in this image. Image Getting the flag Take the picture to https://aperisolve.fr/ -> Just read the flag
Useful payloads Here are some valuable payloads for both Linux & Windows command injection on a vulnerable web-application. Feel free! Linux Payload Description whoami See what user the application is running under. ls List the contents of the current directory. You may be able to find files such as configuration files, environment files (tokens and application keys), and many more
Poor MEGAN! Points 20 Description Oh, NO! Poor Megan! She’s just been bitten by a ZOMBIE! We can save her if we act fast, but the formula for the antidote has been scrambled somehow. Figure out how to unscramble the formula to save Megan from certain zombification. Enter the answer as flag{here-is-the-answer}. The formula for the antidote: j2rXjx9dkhW9eLKsnMR9cLDVjh/9dwz1QfGXm+b9=wKslL1Zpb45 Getting the
Password Insecurities Points 50 Description It looks like DEADFACE is going after the password of one of De Monne’s customers: Haily Poutress. She has since changed her password, but De Monne is looking for ways to improve password requirements. De Monne would like you to crack the password from the database leak to determine if Haily’s password was secure enough.
Blood Bash 4 Points 200 Description A sensitive file from De Monne was exfiltrated by mort1cia. It contains data relating to a new web portal they’re creating for their consumers. Read the contents of the file and return the flag as flag{flag_goes_here}. Username: bl0ody_mary Password: d34df4c3 bloodbash.deadface.io:22 Get the flag We find a sus file in the homedirectory of the
All A-Loan Points 375 Description De Monne has reason to believe that DEADFACE will target loans issued by employees in California. It only makes sense that they’ll then target the city with the highest dollar value of loans issued. Which city in California has the most money in outstanding Small Business loans? Submit the city and dollar value as the
El Paso Points 250 Description The regional manager for the El Paso branch of De Monne Financial is afraid his customers might be targeted for further attacks. He would like you to find out the dollar value of all outstanding loan balances issued by employees who live in El Paso. Submit the flag as flag{$#,###.##}. Use the MySQL database dump