CTF Writeups

CTF Writeup Aggregation Post!


Currently documented CTFs:
  • Hack the Box - Business CTF 2022
    • Breakout
      • Challenge: A C2 implant's interface was left exposed on a victim's webserver. Break into the interface and enumerate its functionality.
      • Compromised the C2 interface and extracted a non-native binary, 'bkd'.
      • Performed analysis on the binary and extracted the flag from multiple strings present in the compiled code.
      • Challenge: A browser extension is believed to host cryptomining malware. Investigate.
      • Downloaded and unzipped the .crx (browser extension) file.
      • Reverse engineered heavily obfuscated malicious JavaScript code to retrieve the flag.
      • Challenge: A CEO's password vault has been compromised after receiving an email with an attachment. Review the provided PCAP file and attachment to determine how he was compromised.
      • Unzipped the attachment (a .docx file), used the oletools suite to analyze its contents, and discovered malicious VBA macros calling out to a fake Windows Update site and containing part of the flag.
      • Analyzed the provided PCAP file and found two indicators of compromise: a malicious HTML payload and some obfuscated PowerShell commands.
      • De-obfuscated the malicious HTML payload to discover part of the flag.
      • De-obfuscated and reverse-engineered the PowerShell payload to reveal the final part of the flag.


Remember when you had time for CTFs? I remember when I had time for CTFs.