CTF Writeups

CTF Writeup Aggregation Post!

About

Currently documented CTFs:

  • Hack the Box - Business CTF 2022

    • Breakout

      • Challenge: A C2 implant's interface was left exposed on a victim's webserver. Break into the interface and enumerate its functionality.

      • Compromised the C2 interface and extracted a non-native binary, 'bkd'.

      • Performed analysis on the binary and extracted the flag from multiple strings present in the compiled code.

    • Chromeminer

      • Challenge: A browser extension is believed to host cryptomining malware. Investigate.

      • Downloaded and unzipped the .crx (browser extension) file.

      • Reverse engineered heavily obfuscated malicious JavaScript code to retrieve the flag.

    • Lina's Invitation

      • Challenge: A CEO's password vault has been compromised after receiving an email with an attachment. Review the provided PCAP file and attachment to determine how he was compromised.

      • Unzipped the attachment (a .docx file), used the oletools suite to analyze its contents, and discovered malicious VBA macros calling out to a fake Windows Update site and containing part of the flag.

      • Analyzed the provided PCAP file and found two indicators of compromise: a malicious HTML payload and some obfuscated PowerShell commands.

      • De-obfuscated the malicious HTML payload to discover part of the flag.

      • De-obfuscated and reverse-engineered the PowerShell payload to reveal the final part of the flag.

Postmortem

Remember when you had time for CTFs? I remember when I had time for CTFs.
