Enumeration: Start with an nmap scan. Check that SSH and a web server are running. It failed to redirect to http://searcher.htb, so add it to the /etc/hosts file. Running nmap again after adding it to the /etc/hosts file, I got a different result. Here, I can see it is using Werkzeug version 2.1.2. My first thought was to … Read More “OSCP series – Busqueda write-up” »
Author: Hong
Unzip the downloaded file. Then we get one more zip file called plain_sight.zip. I tried to unzip it again, but I got the error message saying need PK compat. v5.1 (can do v4.6). Use another tool to unzip: 7z x plain_sight.zip. Then we get the ELF file called plain_sight. A password is required if we execute … Read More “Crackmes: Plain_sight write-up” »
Exercise 1: Analyze the execution header. Check the first 15 lines of binaries from the file using xxd. In the first line, it can be seen that the magic byte of the ELF header starts with 0x7f. To understand what the following bytes mean, I used the readelf command. The descriptions of each byte in the … Read More “Practical Binary Analysis chapter2 exercises” »
Download and unzip the attached file. The pcap file will be extracted from the zip file. Open Wireshark and go through the packets. I filtered packets with the HTTP protocol. Then I found suspicious command injections. It seems it’s executing a bash shell on 192.168.1.180. So, I filtered packets with the IP address 192.168.1.180. Then I checked … Read More “Hack the box: Wrong Spooky Season write up” »
This textbook is a great starting point for reverse engineering. Actually I was studying another textbook for learning reverse engineering. However, that wasn’t easy to fully understand the contents since I lacked fundamental knowledge. So I searched for a beginner-level textbook and came across this book. It teaches you the basics of reverse engineering. Fundamentals … Read More “Review: X86-SOFTWARE-REVERSE-ENGINEERING-CRACKING-AND-COUNTER-MEASURES” »
Download the zip file and unzip it. You will get the email with encoded contents. The first encoded block is like below. It’s saying it is base64 encoded. Let’s decode it with CyberChef. Then you will get the message from the leader of the resistance. Now let’s check the second encoded block. When decoding it, the … Read More “Hack the box – Urgent write up” »