Monday, August 18, 2014

2014-08-02 Challenge: Web enumeration - Target

One of the readers suggested that I set up a place where readers can test out and try their hands at enumerating on a "authorized" site. Well, I have stood up a web server, and there are roughly 22 pages that are enumerable using one method or another.

 Good luck!

http://192.241.210.246/

UPDATE: Each discovered page contains a hash, it's simply a way to verify you have found something that was intended to be found. You can submit them as well or just shoot over the URL of the pages you found.

Please send in your answers or ask questions, this isn't a secret or CTF, this is here for you to learn.


Saturday, August 2, 2014

2014-08-02 Challenge: Web enumeration

Many times during application assessments the discovery of pages or objects that were meant to have been removed or "disabled" are the ways in. Hidden functionality or "admin only" functions that don't require auth to name a couple others. The question usually comes down to finding them. So, name 6 ways / methods of discovering content on web applications.

Sunday, July 6, 2014

2014-07-04 Challenge: RFID

With RFID you have low and high frequency "tags" or cards and they aren't all the same. List 2 types for each frequency level and what they are generally used for. Then see if you can find out what types of attacks are viable against the 4 you picked and what specific hardware you might need to attempt those attacks. Provide scenarios.

Thursday, June 12, 2014

2014-06-14 Challenge: Hash Identification

Turning out to be a monthly gig rather than a weekly one. Either way, here is this week's challenge, identify and crack the following hash:

8acf10020c2688f8149c06ad8143e97b


You should be able to crack it relatively quickly with a bit o' magic.

(UPDATE: Had to change the hash since everyone and the mother got the original one right off the bat)

Wednesday, May 7, 2014

2014-05-05 Challenge: Bad Characters

During exploit development there is the concept of "bad characters". What are they? What are some common "bad characters" when trying to exploit 1) HTTP 2) FTP 3) Programs written in C



Monday, April 14, 2014

2014-04-14 - Back in the saddle

I apologize for the absence but I've honestly been crazy busy with CCDC (MACCDC prep and execution, and NCCDC prep). It would have been unfair of me to issue challenges without being able to properly respond to them in a timely manner. I do have a few left to answer still. So this week's challenge is going to require a big more research than normal. The following is a Windows 7 event log of some sort. With it you should be able to tell me the computer name, and exactly what time KB982132 was installed.
(The file is intentionally corrupted)

Download: https://drive.google.com/file/d/0ByiDshWJ_PnZbTR3QTNyYUJVUGM

Monday, March 10, 2014

2014-03-10 challenge

This week's challenge is straight forward. "sc" is a Windows command that shows information about Windows services. Pick any service on a windows machine and run "sc sdshow " on it (you can use "sc sdshow lanmanserver" if you want. The output of the command is called a "DACL" in "SDDL". Your challenge is to explain in its entirety what that jumble of letters and semicolons mean, as well as explaining DACLS and SDDLs. Extra Credit: Explain how an attack can use this information.