Things I learned from DarkCTF

Forensics

Wolfie's Contact

How to mount an EWF image file (E01) on Linux [link]:

ewfmount IMAGE.E01 ./rawimage/
mkdir mountpoint
# run as root:
mount ./rawimage/ewf1 ./mountpoint -o ro,loop,show_sys_files,streams_interface=windows

AW

If the file is named "spectre", they may be implying that I should inspect the spectrogram 🤦‍♂️

Free Games

The writeup I read used autopsy to search the file system for. I tried to figure out why grep didn't work for me and I realized the link I was looking for is split into two lines. To prevent this I could use a tool or look for "PencakSilat" instead of "http".

Crcket

This challenge was about fixing a PNG. It required knowledge of the PNG structure, and could use the help of png-parser.
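A structural check of the kind this sort of repair relies on, as an added example (not code from the writeup or from png-parser): it walks the chunk list and reports a bad signature, CRC mismatches, overlong chunks and missing IHDR/IEND. The 1x1 sample image and the function names are constructed for illustration.

```python
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"

def make_chunk(ctype, data):
    """Build a valid chunk: 4-byte length, type, data, CRC32 over type+data."""
    crc = zlib.crc32(ctype + data)
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)

def inspect_png(blob):
    """Return a list of findings; an empty list means the structure checks out."""
    findings = []
    if blob[:8] != PNG_SIGNATURE:
        findings.append("bad signature")
    pos, seen = 8, []
    while pos + 12 <= len(blob):  # 12 = length + type + CRC of an empty chunk
        length, ctype = struct.unpack(">I4s", blob[pos:pos + 8])
        name = ctype.decode("latin-1")
        end = pos + 8 + length
        if end + 4 > len(blob):
            findings.append(f"{name} at offset {pos}: length runs past end of file")
            break
        stored = struct.unpack(">I", blob[end:end + 4])[0]
        if stored != zlib.crc32(blob[pos + 4:end]):  # CRC covers type + data
            findings.append(f"{name} at offset {pos}: CRC mismatch")
        seen.append(ctype)
        pos = end + 4
    if seen[:1] != [b"IHDR"]:
        findings.append("first chunk is not IHDR")
    if seen[-1:] != [b"IEND"]:
        findings.append("last chunk is not IEND")
    return findings

# Constructed sample: a valid 1x1 8-bit grayscale PNG.
_ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 0, 0, 0, 0)
_idat = zlib.compress(b"\x00\x00")  # filter byte + one pixel
GOOD = (PNG_SIGNATURE + make_chunk(b"IHDR", _ihdr)
        + make_chunk(b"IDAT", _idat) + make_chunk(b"IEND", b""))

# Constructed damage: zeroed first signature byte and an edited width field.
DAMAGED = bytearray(GOOD)
DAMAGED[0] = 0x00
DAMAGED[19] = 0x02  # low byte of IHDR width, so the stored CRC no longer matches
DAMAGED = bytes(DAMAGED)

if __name__ == "__main__":
    for label, blob in (("good", GOOD), ("damaged", DAMAGED)):
        print(label, inspect_png(blob))
```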

Cryptography

Pipe Rhyme

First RSA challenge.

Linux

Linux Starter

Escape rbash restricted shell through SSH:

Find Me

Use lsof to restore deleted files (if they are still opened by a process) [link]:

Secret Vault

Base85 is a thing, and it looks something like this:

Also, I liked this syntax of while loop to crack the vault:

Time Eater

Sometimes you just have to keep enumerating... 😒

Misc

QuickFix

????

P_g_G_i_P_t

What can I do with PGP Fingerprint?

Grab the PGP key with:

In this challenge, the key doesn't contain a user ID so this won't work. Another way to obtain a key from a fingerprint is by using an online lookup like this one.

OSINT

Eye & Time Travel

Google Lens and Yandex are good tools for reverse image search.

PWN

roprop

Finally learned how to ROP!

Web

Source

You can present very large numbers in PHP in this short manner:

Dusty Notes

Fuzzing input fields might yield nice errors.

Chain Race

Apache2 Interesting Default Files

  • /etc/apache2/apache2.conf

  • /etc/apache2/ports.conf

Race Condition Vulns

The idea is to force a program to handle tasks in an unintended order. This usually happens when several threads operate on the same resources and there is a time gap between initialization and usage.
