Safetech Blog - Security Tips and Tricks

Challenges Archive



by Oana Stoian

Billu-b0x Write-up

This write-up is for Billu-b0x CTF machine hosted on Vulnhub https://www.vulnhub.com/entry/billu-b0x,188/ This is one of those challenges focused on real-world technical vulnerabilities and this is why I like it. In my setup, the machine is using 172.16.100.86 IP address and I started with a nmap scan: Running nikto on the web server will get us the…

Read More

284 total views, 11 views today


by Oana Stoian

CTF-USV Writeup

This Write-up is written after CTF-USV 2016 contest, where students had the challenge to conquer 7 flags. We used the Facebook CTF Platform, where each flag had assigned a country. The theme of the Capture the Flag contest was Game of Thrones. Everyone is watching the series, right? 🙂   Running nmap a LOT of opened…

Read More

7,501 total views, 40 views today


by Oana Stoian

Breach: 2.1

Dear all, this day I will present you my way of exploiting the vulnerable machine-Breach 2.1. Many thanks to @mrb3n813 and @VulnHub. For information gathering I will be using nmap:

The  ssh port is opened : 65535, so let’s try to connect to it:

A banner is displayed, and we find out about…

Read More

6,778 total views, 23 views today


by Oana Stoian

PwnLab:init Walkthrough

Thanks to Claor @Chronicoder and VulnHub folks for the opportunity of writing another walkthrough for a very challenging vulnerable machine. First thing first, I fired-up nmap. Usually I do that, run nmap and after that nikto. 😀 As it can be observed, only two ports are of interest: 80 (for HTTP) and 3306, on which runs mysql….

Read More

4,505 total views, 1 views today


by Oana Stoian

Tommy Boy 1 Write-up

If you came here just for the last flag, here it is:

That’s all folks! Thanks for reading this! 🙂 And now, if you want to know the story of TommyBoy machine, let’s start from the beginnig. This challenge has a story, and quite an enjoyable one IMHO and this will make things more…

Read More

1,854 total views, 1 views today


by Oana Stoian

Stapler Writeup

In this article I will present you the way I have completed the Stapler machine challenge hosted on Vulnhub. Stapler is particularly interesting because it allows you to perform and obtain a lot of various information through enumeration – one of the best machines for this actually – thanks to @g0tmi1k for this!   Information gathering…

Read More

3,780 total views, 4 views today


by Oana Stoian

Fuku Writeup

There are lots of ways for exploiting Fuku, a machine which is not so easy to compromise – at least not for the patienceless, as it has some interesting defense mechanisms – some of them you will discover below, some of them  I’ll let you discover 🙂 Today, I’ll show you my way.   First…

Read More

1,848 total views, no views today


by Ionut Cernica

Codegate 2014 quals – web 200 WriteUp

WebProxy WriteUp We were given a web application with a proxy functionality.

In the response from the server a comment can be found which contains the link where the flag might be.

The request type is “GET” and it has one parameter named “url”.

The value of the “url” parameter is filtered….

Read More

680 total views, no views today