Task 1

1-)What was the URL of the page they used to upload a reverse shell?


Task 1

1-)Access the web server, who robbed the bank?

Spiderman

Task 2

1-)What is the Joomla version?

3.7.0 (CVE-2017–8917)

2-)What is Jonah’s cracked password?


Task 1

1-)Deploy the machine and access its web server.

No Answer Needed

2-)Whats the name of the clown displayed on the homepage?

(Reverse Image Search)

Pennywise

Task 2

1-)What request type is the Windows website login form using?

POST

2-)Guess a username, choose a password wordlist and gain credentials…


Task 1

1-)What is Miles password for his emails?


Task 1

1-)Who is the employee of the month?

Visit Machine IP > Save Image As >

Billy Harper

Task 2

1-)Scan the machine with nmap. What is the other port running a web server on?


Task 1

1-)Scan the machine. (If you are unsure how to tackle this, I recommend checking out the Nmap room)

No Answer Needed

2-)How many ports are open with a port number under 1000?


Task 1

1-)Deploy the machine and access its web server.

No Answer Needed

2-)What is the name of the large cartoon avatar holding a sniper on the forum?

agent 47

Task 2

1-)Here is a potential place of vulnerability, as you can input your username as another SQL query. …


Task 1

1-)How many ports are open? (TCP only)


Task 1

1-)What does TGT stand for?

Ticket Granting Ticket

2-)What does SPN stand for?

Service Principal Name

3-)What does PAC stand for?

Privilege Attribute Certificate

4-)What two services make up the KDC?

AS, TGS

5-)Deploy the Machine

No Answer Needed

Task 2

1-)How many total users do we enumerate?

Altuğ Kale

Cyber Security Analyst

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store