Freaks City

Miscellaneous Who Am I? This challenge requires matching items against a provided list. While straightforward, it demands careful attention to detail as the information is spread across multiple entries. The solution involves cross-referencing each elemant systematically until all correspondences are established. You and Me Blind watermarking ...

Problem Overview The challenge provides two files: an APK and a pcapng packet capture. The solution requires analyzing network traffic and reverse engineering the encryption implementation. Traffic Analysis Opening the pcapng file reveals standard TCP traffic. Following TCP streams and decoding the hex content exposes the application protocol: ...

Challenge Overview The binary implements a flag verification mechanism using chained XOR operations. Understanding the execution order is critical: the program applies XOR transformations both before and after the main function executes, leveraging ELF initialization sections and exit handlers. ELF Initialization Function Table In ELF binarie ...

Binary String EnumerationExamining the downloaded file in a hex editor (such as 010 Editor) allows for a direct search of specific signatures. By querying the string "CATCTF", the hidden credential can be directly retrieved.Credential: CatCTF{EFI_1sv3ry_funn9}Image Color Channel Analysis and Morse DecodingWhen standard hex inspection and metada ...

Platform: VirtualBox Attacker System: Kali Linux (IP: 10.0.2.15) Target System: Hacker_Kid (IP: 10.0.2.42) Objective: Obtain root privileges and capture the flag. Reconnaissance and Scanning Initial host discovery was performed using Nmap to identify the target IP address. Subsequently, a port scan revealed three open services: Port 53 (DNS) P ...

Overview File upload vulnerabilities arise when web applications inadequately validate or sanitize user-supplied files before storing and serving them. Exploiting these flaws allows attackers to inject executable code—such as PHP webshells—into the server’s filesystem, often leading to remote code execution. Upload-Labs is a deliberately vulner ...

Environment Setup Network Configuration Two network adapters required: External network: 192.168.157.0/24 Internal network: 192.168.183.0/24 Windows 7 Configuration Start the Win7 VM and the Domain Controller first. Do not start the web server yet. Credentials: Dotest123 Navigate to Control Panel → Power Options Set all power-saving features ...

The login form itself remains unresponsive to basic authentication attempts. After registering an arbitrary account and signing in, the application redirects to a path containing a title parameter and exposes a password-change feature. Attempting to inject inside the password-reset interface produces no discernible output, indicating the vulner ...