Skip to main content

CTF – Hacking Necromancer

Capture The Flag - Necromancer. Practicing my penetration testing skills to hack a target machine.  Here's my test environment in my own private virtual network.
I setup my Kali Linux in host virtual network and my target machine (Necromancer) which I downloaded a OVA image from VulnHub website.
When I started my Kali Linux virtual machine, I have an assigned IP Address 192.168.231.129. This most likely a different IP address when you setup your own private network. And my target machine Necromancer IP address is 192.168.231.128. I saw this when I started the Necromancer virtual machine. This save me some time to scan all /24 within my network.
Anyway, if you still want to scan your network you can use "netdiscover" tool. If you're not sure what options to use simply run "netdiscover --help". Okay, got it? Now run # netdiscover -r 192.168.231.0/24 [Enter] to scan your private network. Here's the result of my network. I run "ifconfig" in my Kali to know the assigned IP address, then the other IP most likely for my target network.
192.168.231.1 00:50:56:c0:00:01 1 60 VMware, Inc.
192.168.231.128 00:0c:29:a5:8c:67 1 60 VMware, Inc.
192.168.231.129 00:50:56:f0:0a:96 1 60 VMware, Inc.
With this information I can simply run nmap to my target IP address.
que-com-ctp-necromancer
Note: IP Address renewal in 900 seconds.
Now my private network, Kali and target machine are ready. Let's begin hacking my target machine.
From Kali Linux virtual machine run # nmap 192.168.231.29 to see what I can discover.
que-com-ctp-necromancer-nmap
I found port 80 open and 1 host up. That's a good start. Let's run # nmap -sU -n -r -T4 192.168.231.128
que-com-ctp-necromancer-nmap-doom
Now it's getting interesting. I found UDP port 666 a service for doom.
Let's fire up netcat using the newly discovered UDP port 666 # nc 192.168.231.128 666 [Enter].
que-com-ctp-necromancer-netcat
Hmm. Nothing happen. I wonder what's going on in the background. One way to find out, let's run our network snipping tool wireshark. I filter the result using my target machine IP Address 192.168.231.128 and found out it is trying to connect to the destination port 4444.
que-com-ctp-necromancer-wireshark
I open another terminal window, and setup to listen using port 4444 # nc -lvp 4444 [Enter]. And re-run # nc -u 192.168.231.128 666 [Enter], then wait to see the output in listening terminal window.
This is the result.
que-com-ctp-necromancer-netcat-captureddata
My first guess, it is a base64 code. I copied the code to my dumptext.txt file. And run #base64 -d -i dumptext.txt [Enter]
Woohh. I got the first flag.
que-com-ctp-necromancer-flag1
I copied  flag1{e6078b9b1aac915d11b9fd59791030bf}  to my flags.txt file for recording purpose, just like a trophy :)
Thank you.

Comments

Popular posts from this blog

Office365 - This resource doesn't accept meetings longer than 1440 minutes

When you create a meeting schedule for number of days, you will see an error  "This resource doesn't accept meetings longer than 1440 minutes". By default the mailbox or room was set for a maximum limit of 1440 minutes.

Here's how you can disable this limit.
Login to the Office 365 Administration ConsoleIn Microsoft Office 365 Exchange, click on Manage.In Manage My Orgnization, click the drop down arrow, and click on Select on Another User. This will prompt you to select the mailbox or room to manage.Select a Mailbox or Room, click OK.In Option, click on Settings.In Scheduling Options, un-check the "Limit meeting duration", then click on Save. That's all. You can now schedule a meeting or reserve a room for number of days.

Hope this help you.

If this helped you, please take the time to share this post by sharing using Google+, Facebook, Twitter, or LinkedIn

Out of Office Reply for Termed Employee

This is a sample Out of Office message that I used for termed employees, unless HR staff specified a different message.

=== Example for KING.NET Employee ===
John Doe (employee or consultant) is no longer with KING.NET effective June 1, 2013 (termination date). For matters relating to "Project Name here" please direct your concerns to John Smith at johnsmith@king.net (Manager or Supervisor). For all other matters, please direct your email to Mary Smith HR at marysmith@king.net.

Please call our main office 703-345-6789 if you have other concerns.
Thank you.

=== End of message ===

I posted this article year 2008 from my old blog.
http://whaddya.blogspot.com/2008/11/example-of-out-of-office-reply-for.html


If this helped you, please take the time to share this post by sharing using Google+, Facebook, Twitter, or LinkedIn

Facebook Business Valuation

Interesting post from Techcrunch.com about the Facebook valuation and I would like to share this to you folks. The picture graph provide a thousand words to fully explain their growth. Please click the image to see in full screen.