Hello there !
I hope all is well with you despite these difficult days. I wish you all a very happy New Year 2022. I’d like to tell you about a little-known but potentially annoying vulnerability: domain and subdomain takeover.
Introduction
But before we start, you have to know several things about the Domain Name System, also known as DNS.
The Domain Name System (DNS) is the hierarchical and decentralized naming system used to identify computers, services, and other resources reachable through the Internet or other Internet Protocol (IP) networks.
Survive all was a challenge proposed during the Santhacklaus CTF 2019. It was one of the hardest challenges of the competition. Only one objective : obtain root access.
Step 1 : Perimeter discovery
1.1. Services
We started this challenge with a classic service recon.
PORT STATE SERVICE VERSION
22/tcp closed ssh
80/tcp open http Apache httpd 2.4.38
| http-methods:
|_ Supported Methods: HEAD
|_http-title: Survive All The best survival tech guide
Service Info: Host: 172.
I think you know what I am talking about. The “file upload” vulnerability is familiar to you ? Nice. So you know how difficult it can be to bypass protections to upload a webshell. I will show you a little technique to add to your tests when you are trying to exploit a file upload :)
This technique is inspired by the challenge l33t-hoster of the Insomni’hack Teaser 2019 CTF.
So follow the guide !
Netrunner is the second biggest challenge of the Santhacklaus 2018 CTF. The challenge is not really hard, but could be particularly annoying if you don’t know what to do. You need to have some skills in web pentesting and medium skills in Linux systems.
The challenge is divided into 3 steps. Each step has its own validation password (flag). So let’s begin with the first step !
1st step - You have a mission !
ArchDrive is the biggest challenge of the Santhacklaus 2018 CTF and my favorite one. It’s divided into 5 steps of increasing difficulty. The challenge is not really hard, but particularly long and time-consuming. You need to have some strong skills in web pentesting, some basic skills in forensics and medium skills in Linux systems.
So, as you can see, the 5 steps have their own validation password (flag). Let’s start the challenge !