Cybernotes (Page 2)

Sign in Subscribe

PicoCTF - useless

PicoCTF - useless

There's an interesting script in the user's home directory. The work computer is running SSH. We've been given a script that performs some basic calculations, explores the script, and finds a flag. Open up the terminal and connect with SSH to the server. ssh

PicoCTF - repetitions

PicoCTF - repetitions

Can you make sense of this file? First, download the required file (enc_flag). The file is formatted in the base64 format. We need to decode it multiple times in order to get the flag. Here is the Python code that does just that. If you want to learn more

Online Account Storage

Online Account Storage

This is a Python GUI program, used for creating and storing online account information in a separate .json file. Let’s see first the UI setup using Tkinter. 💡UI Setup The setup is pretty simple and straightforward. At first, we create a canvas with specific dimensions that hold an image.

Memory Game

This is a Python program aimed at recalling and improving the overall memory of the individual using a series of random words and numbers. At first, the main program imports all the necessary libraries and files combined with an ASCII art logo. Then according to the user input, it calls

Binary Conversion

Binary Conversion

I wanted to create a Python program that takes binary input and converts them into a different format. So, here we go. The main.py is pretty straightforward, it just imports and calls the functions, presented by a series of options, regarding the intended action. 💡main.py import base64 import

Password Generator

Password Generator

I started to learn Python, because I noticed it is used a lot by Cyber Security professionals, and was something that I wanted to be proficient at. So, I decided to create a small program generating a random password using Python. First, let’s see the main.py file and

Hack The Box - Synced

Hack The Box Featured

Hack The Box - Synced

💡Task 1 What is the default port for rsync? First, as usual, run the following command in the terminal to scan the target machine for open ports using Nmap. nmap -sV -p- IP_ADDRESS Starting Nmap 7.80 ( https://nmap.org ) at 2023-06-15 14:37 EEST Stats: 0:00:16

Hack The Box - Mongod

Hack The Box - Mongod

💡“In this machine, we will explore the mongodb environment as well as the way of connecting to it and accessing information that lives inside it. It is a very easy machine, but remember you have to master the absolute basics first and build a solid foundation, before going further."

Hack The Box - Preignition

Hack The Box - Preignition

💡Task 1 Directory Brute-forcing is a technique used to check a lot of paths on a web server to find hidden pages. Which is another name for this? (i) Local File Inclusion, (ii) dir busting, (iii) hash cracking. dir busting 💡Task 2 What switch do we use for nmap’s

Hack The Box - Explosion

Hack The Box - Explosion

💡Task 1 What does the 3-letter acronym RDP stand for? Remote Desktop Protocol 💡Task 2 What is a 3-letter acronym that refers to interaction with the host through a command line interface? cli 💡Task 3 What about graphical user interface interactions? gui 💡Task 4 What is the name of an

Hack The Box - Redeemer

Hack The Box - Redeemer

Howdy my fellow Cyber Enthusiasts! Welcome to another Starting Point Hack The Box offers. I am excited to embark on this journey with you. So, without further ado, let’s dive in! 😄 Need to embark on an exciting journey on Hack The Box? Sign up now using the following link.

Hack The Box - Dancing

Hack The Box - Dancing

Howdy my fellow Cyber Enthusiasts! Welcome to another Starting Point Hack The Box offers. I am excited to embark on this journey with you. So, without further ado, let’s dive in! :) Need to embark on an exciting journey on Hack The Box? Sign up now using the following link.

Hack The Box - Fawn

Hack The Box - Fawn

Howdy my fellow Cyber Enthusiasts! Welcome to the second Starting Point Hack The Box offers. I am excited to embark on this journey with you. So, without further ado, let’s dive in! :) Need to embark on an exciting journey on Hack The Box? Sign up now using the following

Hack The Box - Meow

Hack The Box - Meow

Howdy my fellow Cyber Enthusiasts! Welcome to the first Starting Point Hack The Box offers. I am excited to embark on this journey with you. So, without further ado, let’s dive in! :) Need to embark on an exciting journey on Hack The Box? Sign up now using the following

PicoCTF - Permissions

PicoCTF - Permissions

First, click on the button ‘Launch Instance’. Then ssh to the remote machine using the presented command. Yours might be with different port or user credentials. ssh -p 50477 [email protected] Then navigate to the following folder using CLI. cd /challenge/ cat metadata.json That’s all!

PicoCTF - Moneyware

PicoCTF - Moneyware

We need to find the malware name for a Bitcoin address. Bitcoin address is the following. 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX Just search for 1Mz7153HMuxXTuR2R1t78mGSdzaAtNbBWX malware and you will be able to find the flag. Here is a hint… picoCTF{P…a}

PicoCTF - Chrono

PicoCTF - Chrono

First, open up the terminal and connect to the server using SSH. ssh [email protected] -p 53143 You will have different port and password, so just enter those provided. When you are connected to the server navigate to the following path. cd /challenge cat metadata.json You will

PicoCTF - Big Zip

PicoCTF - Big Zip

First, use wget to download the big-zip-files.zip file. Then unzip it. wget https://artifacts.picoctf.net/c/503/big-zip-files.zip unzip -u big-zip-files.zip There are a lot of files. We can not search all of them manually for a flag. So we can use the following command instead

PicoCTF - First Find

PicoCTF - First Find

First use wget to download the files.zip wget https://artifacts.picoctf.net/c/500/files.zip Extract the file using zip. unzip -u files.zip After that you will get a list of all the available folders and files that look like this. Archive: files.zip creating: files/ creating:

PicoCTF - Serpentine

PicoCTF - Serpentine

Use wget to download the Python file. 💡A short description from Wikipedia: GNU Wget (or just Wget, formerly Geturl, also written as its package name, wget) is a computer program that retrieves content from web servers. It is part of the GNU Project. Its name derives from “World Wide Web”

PicoCTF - runme.py

PicoCTF - runme.py

This challenge is extremely easy. You use wget to download the file and then run the script using Python. If you want to learn more about wget, then in the terminal type the following. man wget wget https://artifacts.picoctf.net/c/34/runme.py 💡A short description from Wikipedia:

PicoCTF - PW Crack 5

PicoCTF - PW Crack 5

First, download all the files provided. They are the following. All of them are needed to live in the same directory in order for this to work. level5.py level5.flag.txt.enc level5.hash.bin dictionary.txt Now let’s open up the main file which is the level5.

PicoCTF - PW Crack 4

PicoCTF - PW Crack 4

First, download all the files provided. They are the following. All of them are needed to live in the same directory in order for this to work. level4.py level4.flag.txt.enc level4.hash.bin Now let’s open up the main file which is the level4.py import

PicoCTF - PW Crack 3

PicoCTF - PW Crack 3

First, download all the files provided. They are the following. All of them are needed to live in the same directory in order for this to work. level3.py level3.flag.txt.enc level3.hash.bin Now let’s open up the main file which is the level3.py import

PicoCTF - PW Crack 2

PicoCTF - PW Crack 2

First, download both the files and store them in the same directory.level2.py and level2.flag.txt.enc Then use the following command in the terminal to see the contents of the file. nano level2.py We can see that inside the function level_2_pw_check there is