読者です 読者をやめる 読者になる 読者になる

recon easy list writeup

*****recon easy list (Points <=100)

これはCTF Advent Calendar 2016 - Adventarの16日目の記事です.

*Ghost in the Shellcode 2014: one
Category: Recon Points: 1
https://github.com/ctfs/write-ups-2014/blob/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/ghost-in-the-shellcode-2014/one/README.md
Description:

What is the marking on the second train? https://www.youtube.com/watch?v=6lutNECOZFw

writeup
:https://www.youtube.com/watch?v=6lutNECOZFw
f:id:sakura818uuu:20161206100155p:plain
:flag

*CSAW QUALS 2015: trivia-2
Category: Trivia Points: 10 Solves: 963
https://github.com/ctfs/write-ups-2015/blob/9b3c290275718ff843c409842d738e6ef3e565fd/csaw-ctf-2015/trivia/trivia-2/README.md
Description:

No More Free __!

writeup
:Google Search {"No More Free" security}
:keyword bugs
:flag

*CSAW QUALS 2015: trivia-3
Category: Trivia Points: 10 Solves: 1021
https://github.com/ctfs/write-ups-2015/blob/9b3c290275718ff843c409842d738e6ef3e565fd/csaw-ctf-2015/trivia/trivia-3/README.md
Description:

This mode on x86 is generally referred to as ring -2.

writeup
:Google Search {mode "ring -2" x86}
:keyword SMM(System Management Mode)
:flag

*CSAW QUALS 2015: trivia-4
Category: Trivia Points: 10 Solves: 1083
https://github.com/ctfs/write-ups-2015/blob/9b3c290275718ff843c409842d738e6ef3e565fd/csaw-ctf-2015/trivia/trivia-4/README.md
Description:

This vulnerability occurs when the incorrect timing/sequence of events may cause a bug.

writeup
:Google Search {"This vulnerability occurs when the incorrect timing/sequence of events may cause a bug."}
:Race condition - Wikipedia
:flag

*CSAW QUALS 2015: trivia-5
Category: Trivia Points: 10 Solves: 1016
https://github.com/ctfs/write-ups-2015/blob/9b3c290275718ff843c409842d738e6ef3e565fd/csaw-ctf-2015/trivia/trivia-5/README.md
Description:

On Windows, loading a library and having it's code run in another process is called _ .

writeup
:Google Search {On Windows, loading a library and having it's code run in another process is called _ .}
:Dynamic-link library - Wikipedia
:Google Search {Dynamic-link library vuln}
:flag

*CSAW QUALS 2015: trivia-6
Category: Trivia Points: 10 Solves: 551
https://github.com/ctfs/write-ups-2015/blob/9b3c290275718ff843c409842d738e6ef3e565fd/csaw-ctf-2015/trivia/trivia-6/README.md
Description:

This Pentesting expert supplied HBO's Silicon Valley with technical advice in season 2. The flag is his twitter handle.

writeup
:Google Search {HBO's Silicon Valley pentest}
:keyword Rob Fuller
:Google Search {Rob Fuller twitter}
:https://twitter.com/mubix
:flag

*CSAW CTF 2016 Quals: Eric_Zhi_Liang
Category: Recon Points: 10
https://github.com/ctfs/write-ups-2016/blob/b60d9fa809f3caa09dae2b8cad3b1435a33f13c4/csaw-ctf-2016-quals/recon/eric-zhi-liang-10/README.md
Description:

We tried very hard to find Eric last year. You're going to have to try just as hard this year, since not even his friends can find him.

We heard Eric has his own subreddit. Can you find Eric for us?

writeup
*Hatena Blog response Bad Request insert reddit URL link. reddit's URL Partial abbreviation.
:Google Search {Eric_Zhi_Liang subreddit}
:reddit.com/user/theRealEricLiang/
:reddit.com/r/creativecoding/comments/51fas9/has_anyone_worked_with_the_intel_edison/
:He participated Hackster Meetup in NYC
:Google Search {Hackster Meetup in NYC}
:https://www.meetup.com/ja-JP/Hackster-NYC/
:menber>member search Eric>Eric Liang>introduction "I love fanfiction and Allen Lau!"
:Google Search {fanfiction and Allen Lau}
:https://www.wattpad.com/user/allenlau
:Change URL username Eric>https://www.wattpad.com/user/ericZhiLiang
:flag

*That Sounds Delicious
Category: Trivia Points: 15
https://github.com/ctfs/write-ups-2015/blob/9b3c290275718ff843c409842d738e6ef3e565fd/sCTF-2015/trivia/That%20Sounds%20Delicious/README.md
Description:

BLcvFJic
highlighting:none
expiration:never
exposure:unlisted

writeup
:Google Search {highlighting none exprination never exposure unlisted}
:keyword pastebin
:http://pastebin.com/ add BLcvFJic
:http://pastebin.com/BLcvFJic
:flag

*ASIS Cyber Security Contest Finals 2014: Fact or Real?
Category: Recon Points: 25
https://github.com/ctfs/write-ups-2014/blob/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/asis-ctf-finals-2014/fact-or-real/README.md
Description:

ASIS_md5(motto)

writeup
:Google Search {date;2014-01-01 - 2014-12-31} {asis fact or real"}
:https://twitter.com/factoreal/status/486459604973662208
:picture "NO+$=YES" & calculate MD5

$ echo -n "NO+$=YES" | md5sum
d25b9c2f1c29e49e81e8fdfaf4d16fc6  -

:ASIS_ add calculation result
:flag

*IceCTF-2016 : complacent-40
Category: Recon Points: 40
https://github.com/ctfs/write-ups-2016/blob/274307f43140bb4a52e0729ecf1282628fb22f5b/icectf-2016/recon/complacent-40/readme.md
Description:

These silly bankers have gotten pretty complacent with their self signed SSL certificate. I wonder if there's anything in there.

writeup
:server stop. I could not solve this problem.

*ABCTF 2016 : archive-me-50
Category: Recon Points: 50 Solves: 360
https://github.com/ctfs/write-ups-2016/blob/274307f43140bb4a52e0729ecf1282628fb22f5b/abctf-2016/recon/archive-me-50/README.md
Description:

If you could look at our website from a while ago im sure the flag would be there...

writeup
:our website = http://abctf.xyz
:Use Internet Archive: Wayback Machine
:ABCTF2016 Holding Time Fri, 15 July 2016, 18:23 UTC — Fri, 22 July 2016, 18:23 UTC.
:Internet Archive Wayback Machine Search {http://abctf.xyz}
:Link 10 May
:flag

*ABCTF 2016 : drive-home-50
Category: Recon Points: 50 Solves: 378
https://github.com/ctfs/write-ups-2016/tree/192b20d12c296b810265e4df978d98b8704f211e/abctf-2016/recon/drive-home-50
Description:

We found this link scribbled on a piece of paper: document/1_TxYCrk5vIMlUjiB1OioXmR7b-Uq_a9aPIh9JyYlPNs/edit?usp=sharing. It is broken but we need you to fix it!

writeup
:GoogleDocs URL add String
:https://docs.google.com/document/d/1_TxYCrk5vIMlUjiB1OioXmR7b-Uq_a9aPIh9JyYlPNs/edit
:flag

*ECTF 2014: Meet the Team
Category: Recon Points: 80
https://github.com/ctfs/write-ups-2014/blob/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/ectf-2014/meet-the-team/README.md
Description:

Find the URL of the organizing team’s blog.

Hint: Sorry! We didn’t have internet access to upload this clue :(

writeup
:Google Search {ctftime internet access}
:https://ctftime.org/team/8096
:Website http://nia-labs.github.io/
:flag

*ECTF 2014: Eight Cats Hid the Flag
Category: Recon Points: 100
https://github.com/ctfs/write-ups-2014/blob/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/ectf-2014/eight-cats-hid-the-flag/README.md
Description:

Find the flag.

Hint: Have you learnt a version control system before? Because one of our team members says he has.

writeup
:Google Search {version control system}
:keyword git
:Google Image Search {version control system cat}
:GitHub character Octo cat
:GitHub Search {No Internet Access} (Connect *ECTF 2014: Meet the Team ??)
:https://github.com/NIA-Labs
:https://github.com/orgs/NIA-Labs/people
:https://github.com/karthiksenthil
:https://github.com/karthiksenthil?tab=repositories
:https://github.com/karthiksenthil/Learn-Git
:https://github.com/karthiksenthil/Learn-Git/commits/master
:Page Search {flag}
:https://github.com/karthiksenthil/Learn-Git/commit/9cd4ecad6f7c545ef5ac31622d503de811191d7b
:flag

*Ghost in the Shellcode 2014: phpcrypto
Category: Recon Points: 100
https://github.com/ctfs/write-ups-2014/blob/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/ghost-in-the-shellcode-2014/phpcrypto/README.md
Description

GitS Presents PHPCrypto 0.000001(URL)

writeup
:server stop. I could not solve this problem.

*Ghost in the Shellcode 2014: CTF247
Category: Recon Points: 100
https://github.com/ctfs/write-ups-2014/blob/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/ghost-in-the-shellcode-2014/ctf247/README.md
Description:

CTF247 is awesome http://ctf247.2014.ghostintheshellcode.com/

writeup
:server stop. I could not solve this problem.

*RuCTF 2014 Quals: Recon 100 - Favourite book
https://github.com/ctfs/write-ups-2014/tree/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/ructf-2014-quals/recon-100
Description:

Have you ever met Olimpiada Balalaykina? She is a young girl who likes to chat and dreams to meet Pavel Durov. We'd like to know her favorite book.

writeup
:Google Search {Olimpiada Balalaykina}
:https://vk.com/olimpiada_balalaykina
:2 May 2014, articles with images, keyword favorite
:Google Image Search this picture
:https://booklovergifts.com/products/bag-mr-darcy-proposal-pride-prejudice
:flag

*Volga Quals CTF 2014: Recon 100
Category: Recon Points: 100
https://github.com/ctfs/write-ups-2014/tree/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/volga-quals-2014/recon/100
Description:

Good afternoon, recruit! Welcome to Privacy Department. We work closely with all megacorporations and try to help them to save trade secrets. And as you can see… we have a lot of work because some people can’t keep their mouth shut. Could you help to Department and find evidences against targets, that we’ll give to you? That's a bargain! Then here’s your first objective - Elton Badget. These man wants to disclose the name of secret project. Try to find the leak.

writeup
:Google Search {Elton Badget}
:https://ru.linkedin.com/in/elton-badget-0420aa93
:skills = Information Technology, Software Development, Debugging, SEO, Social Media Marketing, Firewalls, Logistics Management, Apache, Graphic Design, IT Management, Servers, Database Design, IT Outsourcing, Computer Security, Technical Writing, ISO, 0-in, Network Security, Analytics, Risk Assessment, Yoga
:firtst letter of word ISDSSFLAGISDICTI0NARY
:flag

*CSAW QUALS 2015: eric-liang-100
Category: Recon Points: 100 Solves: 55
https://github.com/ctfs/write-ups-2015/tree/9b3c290275718ff843c409842d738e6ef3e565fd/csaw-ctf-2015/recon/eric-liang-100
Description:

Eric played ctfs with some friends a while ago.

Hint: I remember playing with them around 2014... err maybe 2013?

Hint: flag is in flag{} format

Hint: The flag can be found on a .edu website

writeup
:Google Search {ctftime Eric Liang}
:https://ctftime.org/team/439
:4 edu link → nothing?
:I could not solve this problem.

*CSAW QUALS 2015: julian-cohen-100
Category: Recon Points: 100 Solves: 883
https://github.com/ctfs/write-ups-2015/tree/9b3c290275718ff843c409842d738e6ef3e565fd/csaw-ctf-2015/recon/julian-cohen-100
Description:

Julian Cohen

writeup
:Google Search {Julian Cohen}
:https://twitter.com/hockeyinjune
:Twitter Search {flag from:HockeyInJune}
:flag

*School CTF Winter 2015: Highly professional
Category: Joy Points: 100
https://github.com/ctfs/write-ups-2015/blob/9b3c290275718ff843c409842d738e6ef3e565fd/school-ctf-winter-2015/joy/highly-professional-100/README.md
Description:

A big computer security company needs a highly qualified recon expert.

Think you're the one? If so you just have to find out a name of the company owner. The name is your interview pass.

Flag format: firstname_lastname, e.g. john_snow

Image(https://github.com/ctfs/write-ups-2015/blob/9b3c290275718ff843c409842d738e6ef3e565fd/school-ctf-winter-2015/joy/highly-professional-100/image_779ded31b8001fccf8d241461c97d4f9f36242fa.jpg)

writeup
:Google Image Search this picture
:keyword "Mr. Robot","All safe"
:Google Search {mr.robot allsafe}
:wikipedia[https://ja.wikipedia.org/wiki/MR.ROBOT/%E3%83%9F%E3%82%B9%E3%82%BF%E3%83%BC%E3%83%BB%E3%83%AD%E3%83%9C%E3%83%83%E3%83%88]
:ギデオン・ゴダード is Allsafe CEO
:[https://en.wikipedia.org/wiki/Mr.
Robot_(TV_series)]
:Gideon Goddard
:flag

*ABCTF 2016 : always-so-itchy-100
Category: Recon Points: 100 Solves: 218
https://github.com/ctfs/write-ups-2016/blob/274307f43140bb4a52e0729ecf1282628fb22f5b/abctf-2016/recon/always-so-itchy-100/README.md
Description:

Dialga1234 - Johnny Boy

writeup
:Google Search {Dialga1234}
:https://scratch.mit.edu/users/dialga1234/
:https://scratch.mit.edu/projects/108998724/
:Blue Bottun watch inside
:flag

------------------------------I have not solved it yet.------------------------------
*Securinets Quals CTF 2015: Recon1
Category: Recon Points: 80 Solves:
https://github.com/ctfs/write-ups-2015/blob/9b3c290275718ff843c409842d738e6ef3e565fd/securinets-ctf-2015/recon/recon1/README.md

*CSAW CTF 2014: Fuzyll
Category: Recon Points: 100
https://github.com/ctfs/write-ups-2014/blob/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/csaw-ctf-2014/fuzyll/README.md

*CSAW CTF 2014: Julian Cohen
Category: Recon Points: 100
https://github.com/ctfs/write-ups-2014/blob/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/csaw-ctf-2014/julian-cohen/README.md

*CSAW CTF 2014: Kevin Chung
Category: Recon Points: 100
https://github.com/ctfs/write-ups-2014/blob/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/csaw-ctf-2014/kevin-chung/README.md

*DEFKTHON CTF: Recon 100
https://github.com/ctfs/write-ups-2014/tree/b02bcbb2737907dd0aa39c5d4df1d1e270958f54/defkthon-ctf/recon-100

*CSAW QUALS 2015: alexander-taylor-100
Category: Recon Points: 100 Solves: 424
https://github.com/ctfs/write-ups-2015/tree/9b3c290275718ff843c409842d738e6ef3e565fd/csaw-ctf-2015/recon/alexander-taylor-100

*Haxdump CTF 2015: Amanda Parkside
Category: Recon Points: 100 Solves: 16
https://github.com/ctfs/write-ups-2015/blob/9b3c290275718ff843c409842d738e6ef3e565fd/haxdump-ctf-2015/recon/amanda-parkside/README.md

*UIU CTF 2015: incertia
Category: Recon Points: 100 Solves: 17
https://github.com/ctfs/write-ups-2015/tree/9b3c290275718ff843c409842d738e6ef3e565fd/uiuctf-2015/recon/incertia