Posts Categories Tags About Contact Me
https://www.ppeinecke.de/custom_assets/images/pascal_portrait.webp

Pascal's Blog

/featuredImages/potty.png

Synk Fetch the Flag 2022 - Forensics - Potty Training

 published on  included in FetchTheFlag forensics
Potty Training writeup This challenge has no task description besides that the challenge was sponsored by stegano. Let’s download the file from the description: 1 wget https://fetch.ctf-snyk.io/files/4d3889ec3c6d7d8af2978a36d6bc1460/potty.png?token=eyJ1c2VyX2lkIjo1MjExLCJ0ZWFtX2lkIjo0MDgsImZpbGVfaWQiOjQyfQ.Y2whFQ.hjYZ3KoJnXjQD7-foPUzzD8UTyQ -O potty.png Here is the image: First let’s check if this is really a png file by running the file command: 1 2 3 file potty.png potty.png: PNG image data, 1650 x 1200, 8-bit/color RGB, non-interlaced So it looks like it is in fact a png file.
/featuredImages/file_explorer.png

Synk Fetch the Flag 2022 - Web - File Explorer

 published on  included in FetchTheFlag web
File Explorer description tags: node.js Snyk Open Source Expose hidden files in the web application. http://file-explorer.c.ctf-snyk.io/ hint: https://github.com/lcrowther-snyk/file-explorer writeup After opening the website http://file-explorer.c.ctf-snyk.io/ in my webbrowser I see this: the link with the caption “here” redirects me to http://file-explorer.c.ctf-snyk.io/public/ and we can see a directory listing: This is the source code of the main site (http://file-explorer.c.ctf-snyk.io/): 1 2 3 4 5 6 7 8 9 10 <!DOCTYPE html> <html> <h1 id="page-title">Go ahead hack m3</h1> <h2 id="page-title">find the flag</h2> <p>Take a look at our files <a href="/public/">here<a></p> </body> </html> After I could not find anything interesting on that directory I ran gobuster to scan for any hidden files:
/featuredImages/technovate2022.jpg

Technovate2022 - Forensics - Hexed

 published on  included in Technovate2022 forensics
Hexed description Oh no! Our picture of a flag has been cursed! Can you undo the curse and recover the cursed flag image? writeup Ok so let’s pull this file down. 1 wget https://metaproblems.com/6f5668c78ccfd9f697010bd2a2a03ca4/hexed.png Although this file has the extension .png this is in fact not an image: 1 2 3 file hexed.png hexed.png: ASCII text The file command shows us that this file is really ASCII text. So it is a normal text file disguised as a png image file.
/featuredImages/technovate2022.jpg

Technovate2022 - Forensics - Trail Blazer

 published on  included in Technovate2022 web
Trail Blazer description I just made this cool website that acts as your own personal web browser! Why is this cool? Well… I wrote it! Anyway, check it out and let me know if there are any features you would like to see added! Hint: You just need to search for /flag.txt. writeup upon opening the website in my browser i am presented with the following form: If i try to input any url e.
/featuredImages/wreckctf_logo.png

WRECKCTF_2022 - web - sources

 published on  included in wreckctf web
WreckCTF_2022 - web - sources - writeup description click to spin, search for the flag! sources.challs.wreckctf.com writeup After going to the link https://sources.challs.wreckctf.com/ I can get the first part of the flag by looking at the HTML code: 1 2 3 4 5 6 7 8 9 10 11 12 13 14 <!doctype html> <html> <head> <link rel="stylesheet" href="style.css" /> <script src="script.js"></script> </head> <body> <img src="image.png" /> <div></div> </body> </html> <!
/featuredImages/responder.jpeg

HTB - Starting Point - Responder

 published on  included in HackTheBox SMB MDNS
HTB - Starting Point: Responder - writeup: Target IP Address: 10.129.17.20 export IP="10.129.17.20" Tasks Task1: When visiting the web service using the IP address, what is the domain that we are being redirected to? 1 2 curl $IP <meta http-equiv="refresh" content="0;url=http://unika.htb/"> A: unika.htb Task2: Which scripting language is being used on the server to generate webpages? 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 sudo nikto -h http://$IP perl: warning: Setting locale failed.