SQL injection vulnerabilities
Oopsie
Session hijack with burpsuite to get reverse shell uploaded. setuid used to run cat=/bin/sh in /tmp
Archetype
The ports smb, mssql are open. impacket tools are used.
Pathfinder
Windows box. Open port 88 is typically associated with Kerberos and port 389 with LDAP, which indicates that this is a Domain Controller. We note that WinRM is enabled on port 5985. Python bloodhound injester used.
emo
WearRansom ransomware just got loose in our company. The SOC has traced the initial access to a phishing attack, a Word document with macros. Take a look at the document and see if you can find anything else about the malware and perhaps a flag.
Illumination
A Junior Developer just switched to a new source control platform. Can you find the secret token?
Little Tommy
Little Tommy is so smart he made a banking program, please be nice to him and don’t break it.
You know 0xDiablos
I missed my flag
Old Bridge
Space
roaming in a small space