fdvoid0's blog

by fdvoid0

Posted on Edited on In Word count in article: 2k Reading time ≈ 7 mins.

introduce

OS: Windows
Difficulty: Medium
Points: 30
Release: 15 Aug 2020
IP: 10.10.10.203

User Blood haqpl 00 days, 01 hours, 29 mins, 58 seconds.
Root Blood qtc 00 days, 03 hours, 10 mins, 42 seconds.

  • my htb rank

Read more »

Posted on Edited on In Word count in article: 2.5k Reading time ≈ 9 mins.

introduce

OS: Linux
Difficulty: Hard
Points: 40
Release: 01 Aug 2020
IP: 10.10.10.200

User Blood : InfoSecJack 00 days, 01 hours, 49 mins, 26 seconds.
Root Blood : snowscan 00 days, 02 hours, 09 mins, 09 seconds.

  • my htb rank

Read more »

Posted on In Word count in article: 3.9k Reading time ≈ 14 mins.

ctf基础

ctf简介

CTF(Capture The Flag,夺旗赛)起源于 1996 年 DEFCON 全球黑客大会,是网络安全爱好者之间的竞技游戏,也是黑客的游戏。

CTF 竞赛涉及众多领域,内容繁杂。与此同时,安全技术的发展速度越来越快,CTF 题目的难度越来越高,初学者的门槛也越来越高。

DEFCON作为CTF赛制的发源地,DEFCON CTF也成为了目前全球最高技术水平和影响力的CTF竞赛,类似于CTF赛场中的“世界杯” 。

CTF 为团队赛,通常以三人为限,要想在比赛中取得胜利,就要求团队中每个人在各种类别的题目中至少精通一类,三人优势互补,取得团队的胜利。同时,准备和参与 CTF 比赛是一种有效将计算机科学的离散面、聚焦于计算机安全领域的方法。

ctf比赛有难有易,比赛内容一般是拿到系统最高权限,然后在root或administrator路径下面找到flag并提交,有时flag会利用各种手段隐藏起来。除此之外还有各种密码破解,逆向,缓冲区溢出,追踪溯源,信息破译,文件提权等等各种脑洞大开的题目。

一场好的ctf比赛非常锻炼参赛者的渗透攻击与知识水平。

CTF精神与内涵

  • 技术应该以开放的方式共享。
  • 在高速发展,日新月异的现代社会,安全攻防技术总是保持不断更新,旧的技术在面对新的技术时随时可能失效,所以作为normal man,必须要有一个不断学习的思想,才能不被社会淘汰。
Read more »

Posted on Edited on In Word count in article: 8.8k Reading time ≈ 32 mins.

introduce

OS: Linux
Difficulty: Insane
Points: 50
Release: 21 Jul 2018
IP: 10.10.10.94

User Blood: 00 days, 12 hours, 36 mins, 39 seconds.
Root Blood: 00 days, 19 hours, 28 mins, 48 seconds.

  • my htb rank

Read more »

Posted on Edited on In Word count in article: 2.8k Reading time ≈ 10 mins.

introduce

OS: Linux
Difficulty: Medium
Points: 30
Release: 11 Jul 2020
IP: 10.10.10.197

User Blood image InfoSecJack 00 days, 03 hours, 45 mins, 53 seconds.
Root Blood image InfoSecJack 00 days, 03 hours, 48 mins, 41 seconds.

  • my htb rank

Read more »

Posted on Edited on In Word count in article: 1.2k Reading time ≈ 4 mins.

introduce

OS: Linux
Difficulty: Easy
Points: 20
Release: 30 May 2020
IP: 10.10.10.191

User Blood: 00 days, 03 hours, 27 mins, 50 seconds.
Root Blood: 00 days, 03 hours, 31 mins, 10 seconds.

  • my htb rank

information gathering

first use nmap as usaul

1
2
3
4
5
6
7
8
9
10
root@kali:~/hackthebox/blunder# nmap -sV -sC -Pn -T4 -v -p- --min-rate=10000 10.10.10.191
PORT   STATE  SERVICE VERSION
21/tcp closed ftp
80/tcp open   http    Apache httpd 2.4.41 ((Ubuntu))
|_http-favicon: Unknown favicon MD5: A0F0E5D852F0E3783AF700B6EE9D00DA
|_http-generator: Blunder
| http-methods: 
|_  Supported Methods: GET HEAD POST OPTIONS
|_http-server-header: Apache/2.4.41 (Ubuntu)
|_http-title: Blunder | A blunder of interesting facts
Read more »

Posted on Edited on In Word count in article: 3.5k Reading time ≈ 13 mins.

introduce

OS: Windows
Difficulty: Insane
Points: 50
Release: 05 May 2018
IP: 10.10.10.72

User Blood: 00 days, 19 hours, 09 mins, 22 seconds.
Root Blood: 01 days, 04 hours, 16 mins, 21 seconds.

that’s crazy for me

  • my htb rank
Read more »

Posted on Edited on In Word count in article: 1.7k Reading time ≈ 6 mins.

name

Name: EVM: 1
Date release: 2 Nov 2019

download

Download: https://mega.nz/#F!pVV1CKYI!ABCpQ0qUdbuYIszf0ljH1w
Download (Mirror): https://download.vulnhub.com/evm/EVM.ova
Download (Torrent): https://download.vulnhub.com/evm/EVM.ova.torrent

description

This is super friendly box intended for Beginner’s

This may work better with VirtualBox than VMware

Read more »

Posted on Edited on In Word count in article: 1.8k Reading time ≈ 6 mins.

name

Name: djinn: 1
Date release: 18 Nov 2019

download

Download: https://drive.google.com/file/d/1LlT5JcdlyDUcvkn12t9oIIFo0X9Gt53B/view?usp=sharing
Download (Mirror): https://download.vulnhub.com/djinn/djinn.ova
Download (Torrent): https://download.vulnhub.com/djinn/djinn.ova.torrent

description

  • Level: Beginner-Intermediate
  • flags: user.txt and root.txt
  • Description: The machine is VirtualBox as well as VMWare compatible. The DHCP will assign an IP automatically. You’ll see the IP right on the login screen. You have to find and read two flags (user and root) which is present in user.txt and root.txt respectively.
  • Format: Virtual Machine (Virtualbox - OVA)
  • Operating System: Linux
Read more »

Posted on Edited on In Word count in article: 1.6k Reading time ≈ 6 mins.

注意

为了帮助自己更好的成长,适应国际潮流与发展。从这篇文章开始,本人以后所有的技术文章,walkthrough,writeup,及其他乱七八糟的东西,全部用英文,重要的事情强调3遍,全部用英文!全部用英文!全部用英文!以后为适应国际潮流,文章将不定期换用其它国家的语言!!!

name

Name: CyNix: 1
Date release: 18 Nov 2019

download

Download: https://drive.google.com/open?id=1oV8J4o3R8WP25fnIMy0ZKdZi-97eNP6b
Download (Mirror): https://download.vulnhub.com/cynix/CyNix.ova
Download (Torrent): https://download.vulnhub.com/cynix/CyNix.ova.torrent

description

  • Level: Intermediate-Hard
  • User flag: user.txt
  • Root flag: root.txt
  • Description: It’s a Boot2Root machine. The machine is VirtualBox compatible but can be used in VMWare as well (not tested but it should work). The DHCP will assign an IP automatically. You have to find and read two flags (user and root) which is present in user.txt and root.txt respectively. Enjoy pwning it!

We recommend that you use VirtualBox and not VMware for this VM

Read more »