Malware Analysis - FakeBard - Malicious ChromeExtension

Description
As it’s the weekend and I had some free time, I was scrolling through Facebook when an ad suggestion caught my eye. The ad promoted a new Google Bard version which, in my opinion, seems like potential malware. Despite my curiosity, I decided to investigate for fun, so I grabbed my laptop and copied the link into my browser. A...

AI - OSINT - Solving GitHub Alias

Title
How AI-Powered OSINT Helped Me Solve the Mystery of My GitHub Alias and Reclaim My Digital Identity!
Description
A few years ago, while setting up my GitHub account and trying to establish my digital presence, I discovered that the username AB2 was already taken. The account belonged to someone else, which was surprising since I had en...

MCH2022CTF - MySimpleLogin - Writeup

Description
Solution
We were given an APK file, MySimpleLogin.zip. After downloading the APK file, we can use any Android DEX decompiler to open it. To find the entry point or main activity, we can check the AndroidManifest.xml file. The main activity for this APK is ctf.challenges.mysimplelogin.MainActivity, as shown in the screenshot...

HackyHolidays - Protect the supply - Writeup

Description
This challenge was in both the forensics and reversing categories.
Solution
The challenge is a container that can be pulled using the command described in the challenge description.
docker run -ti hackazon/micro_ghost /bin/sh
As a fan of the bash shell, I had to change the /bin/sh to /bin/bash
docker run -ti hackazon/micro_ghost ...

PHP - Bypass Disable Functions Using FFI

Description
Recently, I encountered a situation where most PHP functions were disabled. To facilitate more accurate debugging and analysis, I recreated the environment in a Docker container.
Docker setup
Dockerfile
FROM php:8.0-apache
RUN apt update
RUN apt install nano libffi-dev
RUN docker-php-ext-configure ffi --with-ffi
RUN docker-php-e...

TryHackMe - Island Orchestration - Walkthrough

Description
Room Link: Island Orchestration
Only one flag to catch … !
Recon
Using nmap, we can find that there are two open ports.
Nmap scan report for 10.10.160.23
Host is up, received reset ttl 255 (0.013s latency).
Not shown: 998 filtered tcp ports (no-response)
PORT STATE SERVICE REASON
22/tcp open ssh syn-ack ttl 64
80/tcp op...

VirtualBox Saved State Parser

Description
1) This tool was used back in 2014 for a CTF challenge, ASIS-QUALS-2014.
2) I found this tool to be interesting and decided to save it here in my GitHub repository. I am not sure who the original author of the tool is, but I wanted to preserve it for future reference and potentially contribute to its development.
3) Also you m...

No WSL After 2 Day

Description
No WSL After 2 Day! OR No Windows System Linux After Today!
This document explains how to install a virtual Linux system on your Windows machine without relying on WSL.
Final result
Download
Below are the software and application names mentioned in this document:
Windows Terminal Preview
VirtualBox
Kali Linux
Setting...

MystikoCTF - THM - Walkthrough

Date: 21st / 22nd November 2021
Description
This is my writeup for the recent CTF hosted by Mystiko, which was held on TryHackMe. I had a great time participating in the CTF and found it to be very challenging and enjoyable. I would like to express my gratitude to the Mystiko team for organizing such a fantastic event and for creating such ...

DamCTF - sneaky-script - Writeup

Description
This challenge was part of a recent CTF, DamCTF, and it was the only challenge in the malware category.
Solution
Upon extracting the provided zip file, we found that it contained two files: a pcap file and a bash script. Examining the bash script, I found a line of code that indicates that the script is downloading and executi...

Vulnhub - Venus - Walkthrough

Description
The Planets: Venus
Date release: 3 Jun 2021
Author: SirFlash
Series: The Planets
URL: https://www.vulnhub.com/entry/the-planets-venus,705/
Difficulty: Medium
Venus is a medium box requiring more knowledge than the previous box, “Mercury”, in this series. There are two flags on the box: a user and root flag which include an ...

Pwn2Win - CmonSeemyVulns - Writeup

Description
We were given the source code and the Dockerfile, so we can build it locally and work on it directly on our own system.
c_mon_see_my_vulns
Code Review
Snipped code from: index.php (Only PHP Part!)
The 7th line of the code appears to contain an eval function that is called within the do_calcs function. This function is calle...
