circusmonkey404's Security Site

Ringzer0CTF – Web – Big Brother is watching Objective: Get the flag…… I don’t know what else to put here Hint: Even Google can’t find this one Solution: So that’s a pretty big hint. What can’t google see with its web crawlers? Robots.txt This is a config file you can place on your website that directs google or any other web crawler to not index certain directories or files Here is some info from google about robots.txt https://support.google.com/webmasters/answer/6062608?hl=en Let’s check the robots.txt file for this site to see what google is not allowed to index https://ringzer0ctf.com/robots.txt User-agent: * Disallow: /16bfff59f7e8343a2643bdc2ee76b2dc/ Just one folder that google should index. Lets see what’s in there https://ringzer0ctf.com//16bfff59f7e8343a2643bdc2ee76b2dc/ FLAG-G5swO95w0c7R5fq0sa85nVs5dK49O04i   There is our Flag

Ringzer0CTF – Cryptography – I lost MY password Can you find it? Objective : Get the flag…… I don’t know what else to put here Solution : So this level give you a tar file I downloaded the tar and unzipped it There is a policies folder with the following folders inside 02/06/2014   09:20 AM     <DIR>           . 02/06/2014   09:20 AM     <DIR>           .. 02/05/2014   03:59 PM     <DIR>           {31B2F340-016D-11D2-945F-00C04FB984F9} 02/05/2014   03:59 PM     <DIR>           {6AC1786C-016F-11D2-945F-00C04fB984F9} 02/06/2014   09:22 AM     <DIR>           {75DE8F0A-DEC0-441F-AE29-90DFAFCF632B} 02/06/2014   08:20 AM     <DIR>           {874C2133-64E1-4F2C-8BD8-71D9BD59643D} 02/06/2014   08:29 AM      <DIR>           {C7BD6C6D-A1C8-4C23-815E-3D8D4187640F}                0 File(s)               0 bytes                7 Dir(s)   326,238,683,136 bytes free I poked through the directory and found an i

SmashTheStack.org – BlackBox – Level 1 Objective: Get the pass for level 2 Solution: So this is the first level for smashthestack.org blackbox. You are given the user/pass for level one and need to get the level 2 pass So first things first let’s ssh putty.exe -ssh level1@blackbox.smashthestack.org 2225   Using username "level1". level1@blackbox.smashthestack.org's password: lets start with ls to see where we landed and what there level1@blackbox:~$ ls -al total 24 drwxr-x---   2 root    level1 4096 Oct 23   2016 . drwxr-xr-x 17 root    root    4096 Mar 22   2012 .. lrwxrwxrwx   1 root    root       9 Sep 13   2016 .bash_history -> /dev/null -rw-r--r--   1 level1 gamers    35 Sep   3   2016 .bashrc -rw-------   1 root    gamers 1170 Oct 23   2016 .viminfo -rwxr-xr-x   1 level2 level1 7591 Apr 22   2017 login2   Cool There is a file called login2 that we have access to lets see what kind of file it is

Ringzer0CTF – Web – Area 51 Objective: Get that flag  Solution: On this challenge we get this message Access to this area is restricted using some secure .htaccess So .htaccess  so from there I started just by googling .htaccess ( I’ve heard of this before but never really dealt with apache servers) Ok next I googled .htaccess bypass I found a forum that says to get around this sometime its just as simple as using PUT instead of get. https://security.stackexchange.com/questions/177279/how-to-bypass-htaccess-protection So I fired up YARC(Yet another REST client) and sent a PUT instead of a GET to the site Now I get this < div class = "challenge-wrapper" > < br /> < span class = "red" > AREA 51 </ span > The origin of the Area 51 name is unclear? Alien? < br /> < div class = "alert alert-info" role = "alert" > FLAG-w4KRr557y626izv567758O52 <

Ringzer0CTF – Web – Headache Objective: Get that flag son Solution: So this challenge is called headache and we get this as a hint Answer is closer than you think! So lets look at the response header to see what we see. I loaded the Yet Another REST Client into my chome and pointed it at the challenge. I had to do some research on REST because I wasn’t too familiar with it. SO I loaded up the challenge in YARC and under response headers we see the flage Top of Form Authentication Send Request Bottom of Form Response 200 Request URL:   https://ringzer0ctf.com/challenges/43 Request Method:  GET Response Time:  0.465 seconds Response Status:  200 - OK {   "date": "Wed, 16 Oct 2019 15:21:20 GMT" ,   "content-encoding": "gzip" ,   "x-content-type-options": "nosniff" ,   "age": "0" ,   "flag": "FLAG-365m4fU5p2DVEQbfrptDE5Ru&quo

Ringzer0 CTF – Web   - Words mean something? Objective: Find that flag yo Just a bunch of what looks like Latin Lorem ipsum dolor sit amet, consectetur adipiscing elit. Aliquam commodo risus lobortis diam molestie, varius vestibulum lacus condimentum. Phasellus fringilla, leo at ornare tristique, est elit lobortis dolor, a placerat tortor eros nec elit. Suspendisse feugiat, enim ac hendrerit malesuada, libero lectus rutrum tellus, ut faucibus sem odio non nunc. Vestibulum dignissim magna et felis laoreet viverra. Integer sodales tellus molestie suscipit feugiat. Praesent quis elit tristique nisl laoreet elementum eu nec felis. Fusce nunc enim, rhoncus at metus sed, accumsan accumsan augue. Nunc venenatis tempor mi sit amet tempus. Maecenas luctus lacus mi, id pretium magna feugiat eu. Aenean euismod ante at neque rhoncus, eget dapibus nisi lacinia. Aenean vulputate risus id velit interdum vulputate. Mauris id rhoncus dolor. Solution: So my first thought was that

RingZer0CTF   - Cryptography – Martian Message part 2 Objective: I think that's the key "fselkladfklklakl" KDERE2UNX1W1H96GYQNUSQT1KPGB Solution: So we have the key and the encrypted message we just need to figure out what kind of encryption was used to get the key I used this website with their Vigenere cipher to decode it https://www.dcode.fr/vigenere-cipher FLAGU2JNU1R1X96VOFNKHLB1GEWQ