Рет қаралды 6,349
Video walkthrough for some challenges from the @HackTheBox University Capture The Flag (CTF) Qualifiers 2021. We'll cover some Forensics (DFIR), Reverse Engineering (RE), Binary Exploitation (Pwn) and Web challenges including: docker layer obfuscation, malicious macros (powerpoint), credential/password extraction, Cobalt Strike traffic decryption, use-after-free (UAF) vulnerabilities and zip slip to RCE via file upload. We'll use a variety of tools e.g. Ghidra, GDB-PwnDbg, Checksec, Wireshark, Burp Suite, Radare, Cobalt Strike analysis scripts, ViperMonkey and olevba. Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #HackTheBox #HTBUniCTF2021 #CaptureTheFlag #CTF
HackTheBox: affiliate.hackthebox.com/cryp...
HTB Academy: affiliate.hackthebox.com/cryp...
↢Social Media↣
Twitter: / _cryptocat
GitHub: github.com/Crypto-Cat
HackTheBox: app.hackthebox.eu/profile/11897
LinkedIn: / cryptocat
Reddit: / _cryptocat23
KZfaq: / cryptocat23
Twitch: / cryptocat23
↢Hack The Box↣
www.hackthebox.com/universiti...
ctf.hackthebox.com/ctf/173
/ hackthebox_eu
/ discord
↢Resources↣
Ghidra: ghidra.re/CheatSheet.html
Volatility: github.com/volatilityfoundati...
PwnTools: github.com/Gallopsled/pwntool...
CyberChef: gchq.github.io/CyberChef/
DCode: www.dcode.fr/en
HackTricks: book.hacktricks.xyz/pentestin...
CTF Tools: github.com/apsdehal/awesome-ctf
Forensics: cugu.github.io/awesome-forens...
Decompile Code: www.decompiler.com/
Run Code: tio.run/
Start: 0:00
Forensics: Peel back the layers - 0:55
Forensics: Strike back - 14:08
Reversing: Upgrades - 29:34
Reversing: Vault - 38:02
Web: Slippy - 49:14
Pwn: Arachnoid Heaven - 1:07:02
End: 1:23:33