Looking to pass the OSCP, CEH, eCPPT, or LPT? Keep reading… @j0emccray

Greetings!

This blog post will be short.

I received the following email (from Strategic Security owned by Joe McCray) in my inbox:

infosec_addicts

As many know, I’m embarking on the OSCP challenge (full disclosure: my job is paying for the cert), and I was happy to see this email.

$50 for a self-paced course that will give you a primer before starting the real (in my case OSCP) course seems like a deal too good to be true…

In this case, it’s not. The email is 100% factual. I signed up for the course about an hour ago, and was presented with the coursework.  I also received an email stating a customer service rep will reach out to me to make sure everything is going well. This customer service rep will be an accountability buddy to make sure that all assignments and quizzes are completed.

So, if you want to study the concepts of the OSCP, eCPPT, LPT, or CEH course(s) before actually taking the class, then look no further than this course. At $50 what do you REALLY have to lose? At the worst you’re out of a week’s worth of lunch, at best you acquire knowledge that will last a lifetime!

If you want more information about the course, check out Joe McCray on twitter at @j0emccray.

NOTE: I will do a review of the course when I have completed it – so stay tuned!

Advertisements

PicoCTF 2017 – WorldChat

Another day, another challenge…

In today’s blog post we will be solving the “WorldChat” challenge from the PicoCTF.

Let’s get started!

Going to the challenge we see:
PicoCTF_WorldChat_1

OK so we need to find the flag inside of the WorldChat app. According to the description when connecting to this app there will be many people on the app besides us.

Let’s look at the hints to see if it will help us.

PicoCTF_WorldChat_2

We need to us the nc command (we’ve used this in another challenge) and use the grep command to filter output.

Let’s try it.

PicoCTF_WorldChat_3

Connecting to the server we see a bunch of chats from different people. I pressed Ctrl + C to stop it.

Let’s use the hints and use the grep command with the “|” (pipe) command.

PicoCTF_WorldChat_4

PicoCTF_WorldChat_5

PicoCTF_WorldChat_6

PicoCTF_WorldChat_7

PicoCTF_WorldChat_8

PicoCTF_WorldChat_9

PicoCTF_WorldChat_10

Press Ctrl + C to end the chat.

I have only captured screenshots of output that has the flag. Entering the flag into the input box we acquired 30 points.

InfoSec Institute CTF Challenge #14

Another day, another challenge.

Today’s challenge comes from the InfoSec Institute CTF program.

Going to the following link we see the following:

infosec_14_intro

Doing a right click, view page source we see the following:

infosec_14_page_source

Hmm… there’s a file, titled level14 inside the misc folder. Let’s go that file and see what’s there…

Going to the file we see the following:

infosec_14_php_sql_dump

Hmm… it looks like we have a SQL dump that’s showing us all the tables and values inside of a php application.

Scrolling down we see something that looks interesting, and strange…

infosec_14_encoding

Could this be some type of encoding? Possibly hexadecimal encoding?

First, we don’t need the double forward slash, we just need one. Removing the extra slashes we get the following:

infosec_14_encoding_remove_slash

Using a Hex to ASCII converter here, we get:

infosec_14_solved

We found the flag – infosec_flagis_whatsorceryisthis

Lessons learned:

Our trick still works! We were able to find valuable information when looking at the page source. Going to the file listed we noticed it was a dump of SQL tables. Looking through the tables we noticed suspicious output, which we guessed was some type of encoding. Using information we learned from a previous challenge we were able to deduce that the encoding was hexadecimal encoding. From there we were able to find the flag.