Author: Martin Buist

CTF – [√-1 +1]CTF Server – Meta

Challenge Solution Downloaded the Image The challenge is called meta. So, looked at the meta and found artist has a string VjIweE5HRkdiM3BrU0ZKT1RURkZkMWRyVWxOTlJUVkhUMGhvYWsxVWJEWlVWVmsxWkVVd2VsVlVRbTFWVkRBNQ== Run it through a base 64 decoder https://www.base64decode.org/ Got a string back -> V20xNGFGb3pkSFJOTTFFd1drUlNNRTVHT0hoak1UbDZUVVk1ZEUwelVUQm1VVDA5 Here I got stuck for a while and somebody told me try again. So I did I put the next string into the decoder I got Wm14aFozdHRNM1EwWkRSME5GOHhjMTl6TUY5dE0zUTBmUT09 Now I put this in the decoder I got this ZmxhZ3ttM3Q0ZDR0NF8xc19zMF9tM3Q0fQ== I […]

CTF – [√-1 +1]CTF Server – Blinking Lights

The Challenge The link directs you to a chat with only Black and White dots The Solution So space are black and dots are white. First I thought it was more code. Because the title of the challenge is blinking light. But reversing it from morse with cybershef came up empty Then Instead of space and dots I use B and L Underneath I did 1 and 0 First I did nt notices the first […]

CTF – [√-1 +1]CTF Server – Fuzzy

The Challenge   The Solution We are getting a wav file to explore. By listing to it we only hear weird sounds in different frequencies First what we always do with a file exploration Exiftool: String tool: Strings flag.wav -> no results After a google search I came along a very good site that is explaining very well how wav challenges work -> https://medium.com/analytics-vidhya/get-secret-message-from-audio-file-8769421205c3 For the solution on this challenge Download the Sonic Visualizer Load […]

Fix Pi-hole not showing Twitter Images

When using twitter on my mobile and connected to my WIFI at home I noticed the images are not loading in the twitter mobile app When turning off pi-hole the images are loading. But nothing was blocked in the query log. I whitelisted twimg.com and twitter.com The issue was still there When logged in to Pi hole I start an audit to see what pi-hole is doing realtime I noticed allot of NODATA-IPv6 when using […]

CTF – HTB – Stego – DigitalCube

The Challenge   The Solution Unzipping the file is giving me Digitalcube.txt First as with all files. The Exiftool Opening the file is giving me binary code Putting it in Cyberchef is giving me rubbish It could be an Image Going to https://www.dcode.fr/binary-image With 50:50 as in the text of the challenge It is giving me a QR code Scanning the QR code is giving me the Flag

Install and configure Burpsuite

What is Burpsuite Burp Suite, a framework of web application pentesting tools, is widely regarded as the de facto tool to use when performing web app testing. BurpSuite acts as a proxy between your browser and sending it through the internet – It allows the BurpSuite Application to read and send on HTTPS data. The suite can run under windows and linux. Install: https://portswigger.net/burp/communitydownload Burp Suite requires Java JRE in order to run. Download and […]

Basic – cURL

What is Curl curl is a tool to transfer data from or to a server, using one of the supported protocols (DICT, FILE, FTP, FTPS, GOPHER, HTTP, HTTPS, IMAP, IMAPS, LDAP, LDAPS, MQTT, POP3, POP3S, RTMP, RTMPS, RTSP, SCP, SFTP, SMB, SMBS, SMTP, SMTPS, TELNET and TFTP). The command is designed to work without user in‐ teraction. curl offers a busload of useful tricks like proxy support, user authentication, FTP upload, HTTP post, SSL connections, […]

CTF – [√-1 +1]CTF Server – Lazy DB

The Challenge   The Solution This one was fun to do but I needed some help in the beginnen   Clicking on the source   So in the source we see that we need 144 character long string We can use a post command The hint I got was binary When filling in a 0 or 1 on I noticed one was taking longer then the other one. So when the right combination is active […]

Next Page »