Stats: 3,228,926 members, 8,080,489 topics. Date: Monday, 17 February 2025 at 05:52 PM |
Nairaland Forum / Science/Technology / Programming / Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... (1157 Views)
Codewars.com Coding Challenges / Me And The Ctfs. / Katie Bouman, Lady Who Helped Capture The First Image Of A Black Hole (2) (3) (4)
Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 4:27pm On Feb 22, 2022 |
It all started with my Facebook account being hacked some years ago(someone successfully did xss phishing on me) ''i was like how did they achieved it !!!?'' I got curious and started searching online on how to hack into someones account,what I saw baffled me different methods on how to gain access onto someone else acct.. there I came across some hacking tools (password cracking tools like like John the ripper,burb suite etc ..) I was like how can I get any of these, then I started a little research on it and then I realized I had to install it on a Linux OS called Kali Linux (never knew there was a hacking OS till that day)... Curiosity got over me I then went on to install the OS on my Laptop and played around with some tools but wasn't getting any of it as I don't understand how any of the tools worked...... After learning some ethical hacking course on Udemy and tryhackme with lots of pdf (such as blackhat python, the art of penetration testing,Ethical hacking for dummy's,Social engineering: the art of Human pentesting, Kali Linux :Beginning Ethical Hacking,NMAP Network Scanning. etc ....) with some labs like Metasploit, tryhackme and metasploitable Then what? just it just stop their?? after becoming certified in ethical hacking on Udemy, does it stop there?? No! No! From my learning and experience on youtube videos, they don't teach the real deal,they only show you how to Metasploit and nothing more Asif though there's a restriction I don't know at all new techs,new way of doing and exploiting things,New CVE-Exploits,but you won't find any on YouTube apart from how to Metasploit and nothing more...... Best way I think one to keep his/her skill in the field a topnotch is by practicing different kind of Virtual box's on Vulnhub (a website that contains different varieties and leveled based(from medium to Hard) virtualized server you could hack into ).. lieu to this i plan to hack through 100 Vulnhub machines this year by God's grace and share my experience for each and every machines on this thread .... Just of recent some companys (like PICO) are beginning to hold CTFs in Africa and I would join and win one I also encourage others to also share their experience website to VULNHUB www.vulnhub.com website to register and train play.picoctf.org 1 Like |
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 4:33pm On Feb 22, 2022 |
started with Bandit already at level 6 link to get started ::: https://overthewire.org/wargames/bandit/bandit0.html The Bandit wargame is aimed at absolute beginners. It will teach the basics needed to be able to learn basic to advance Linux bash commands and play other wargames. link Bandit Level 6 → Level 7 Level Goal The password for the next level is stored somewhere on the server and has all of the following properties: owned by user bandit7 owned by group bandit6 33 bytes in size Commands you may need to solve this level ls, cd, cat, file, du, find, grep personal work through: This level required a much more complex find command. Given that the file could be anywhere on the system we have to start the find at the root level. From there we specify what owner(bandit7), group(bandit6), and size(1033kb) of file we are looking for. The only new addition to this level is that we need to discard any errors or we will never be able to sort through all of the junk that comes back. 1 Like
|
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by ApostolosIisous: 7:04pm On Feb 22, 2022 |
1 Like |
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by ApostolosIisous: 7:04pm On Feb 22, 2022 |
Join the discord server. We have a section for Cybersecurity. 1 Like |
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 12:56pm On Feb 27, 2022 |
Bandit Level 7 → Level 8 Level Goal The password for the next level is stored in the file data.txt next to the word millionth Commands you may need to solve this level grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd This level introduces two new commands, grep and pipe. The pipe character tells the system to take the output of the last command run and use it as the input for the next command. Grep is a command that allows you to search within text for a given string.
|
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 12:58pm On Feb 27, 2022 |
Bandit Level 8 → Level 9 Level Goal The password for the next level is stored in the file data.txt and is the only line of text that occurs only once Commands you may need to solve this level grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd Helpful Reading Material Piping and Redirection solution You must first sort (using the 'sort' command) the data which places all identical lines next to each other. Once that is complete, you use the uniq command with the -u flag to only display strings that are not duplicated.
|
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 1:00pm On Feb 27, 2022 |
Bandit Level 9 → Level 10 Level Goal The password for the next level is stored in the file data.txt in one of the few human-readable strings, preceded by several ‘=’ characters. Commands you may need to solve this level grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd solution There is no right or wrong way to go about this. The method below is simply what I have found provides the cleanest, clearest output. We start by using the strings command which is excellent at parsing these sorts of files. If we only run that, we are still presented with dozens of lines of text to sort through. Instead of trying to do that on our own, we can pipe this output to grep and search for a few = signs. This gives us the password very clearly.
|
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 1:02pm On Feb 27, 2022 |
Bandit Level 10 → Level 11 Level Goal The password for the next level is stored in the file data.txt, which contains base64 encoded data Commands you may need to solve this level grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd Helpful Reading Material Base64 on Wikipedia Solution This is a relatively straight forward level – you simply need to find the command to decode base64
|
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 1:07pm On Feb 27, 2022 |
Bandit Level 11 → Level 12 Level Goal The password for the next level is stored in the file data.txt, where all lowercase (a-z) and uppercase (A-Z) letters have been rotated by 13 positions Commands you may need to solve this level grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd Helpful Reading Material https://en.wikipedia.org/wiki/Rot13 Solution The command used to solve this is a little bit difficult to explain but I’ll give it my best shot. What we are doing is piping the output of data.txt to the tr (translate) command. In the tr command we are telling it to turn the set A-Z and a-z into N-Z,A-M and n-z,a-m. The reason for splitting the translated alphabet up is because we need to shift everything down 13 characters, meaning anything coming after N has to go back to the beginning (S becomes F). If you are interested in this sort of thing, there are a number of great cryptography resources out there that start off simple (rot13) and get much more advanced. command::: ( cat data.txt | tr 'A-Za-z' 'N-ZA-Mn-za-m' )
|
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 1:11pm On Feb 27, 2022 |
Bandit Level 12 → Level 13 Level Goal The password for the next level is stored in the file data.txt, which is a hexdump of a file that has been repeatedly compressed. For this level it may be useful to create a directory under /tmp in which you can work using mkdir. For example: mkdir /tmp/myname123. Then copy the datafile using cp, and rename it using mv (read the manpages!) Commands you may need to solve this level grep, sort, uniq, strings, base64, tr, tar, gzip, bzip2, xxd, mkdir, cp, mv, file Solution As you can see, this level sucks. Luckily, once you get used to each command, it goes smoothly, if not quickly. You want to start by moving the file to the /tmp/YourName directory so that you can work on it with write permissions. You must then use xxd to convert it out of a hex format and back into the compressed format. From there you use the file command to determine what sort of file it is. In this case it is a gzip file, so we rename it to .gz then use the gzip command to uncompress it. This process basically repeats for an absurd number of times using gzip, bzip2, and tar. Eventually you will run the file command and it will tell you that you have an ASCII file – happy days! ![]() ![]() ![]()
|
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 12:33pm On Feb 28, 2022 |
Comments questions and support is highly appreciate ![]() 1 Like |
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 5:13pm On Mar 03, 2022 |
the time is finally here https://www.africa.engineering.cmu.edu/research/cylab/picoctf-guide.html it's in group of teams 2-5 individuals experience hackers please connect let's make a team 2 Shares
|
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 7:19am On Mar 14, 2022 |
recent CTF attended, my team and i came out 128th position out of 630 teams
|
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 7:47pm On Mar 31, 2022 |
another ctf completed>>>came out 35th position
|
Re: Ctfs(capture The Flag Challenges),vulnhub,tryhackme,overthewire.... by Hamzasaid(m): 2:10pm On Jun 08, 2023 |
. |
(1) (Reply)
Daily IT News And Links / Look At The New Programmers' Resource Website Just Being Developed / Database Development For Mosque/church
(Go Up)
Sections: politics (1) business autos (1) jobs (1) career education (1) romance computers phones travel sports fashion health religion celebs tv-movies music-radio literature webmasters programming techmarket Links: (1) (2) (3) (4) (5) (6) (7) (8) (9) (10) Nairaland - Copyright © 2005 - 2025 Oluwaseun Osewa. All rights reserved. See How To Advertise. 30 |