CrewCTF 2024
CrewCTF 2024 writeups
CrewCTF 2024 writeups
Deadsec 2024 writeups
Imaginary 2024 writeups
Easy HTB machine where a website is used to reduce the size of images. Then an Image Magick exploit is used for file read vulnerability. Though that the SQLite3 database can be enumerated.
IMF is a boot2root mcahine that contains many flags. After each flag, the difficulty is increased. This machine starts with web and ends with a buffer overflow.
Keeper is an easy HTB machine which mimicks a helpdesk. I get inital access with default credentials. With that I find a comment which reveals a password that I use to login to SSH. I then use an exploit on the KeePass dump file, which gives the root putty SSH key.