Tag Archives: wargames2017

Wargames 2017 – Challenge 12 : ezfile sharing

Challenge 12 : ezfile sharing

question for challenge 12

and the hint for this challenge:

hint for challenge 12

Initially, one of our teammate was fuzzing around the website and found “.git” folder. Seems related to the hint.

So we try to browse the folder/path:

.git folder/path

Hmm.. As a “layman” person (please guys, don’t try this at home. or any other place. wkwkwkwk), I’ve gone crazy by downloading all the git folder (recursively):

download all git folder content

Not sure why I did that. Maybe for easier to analyze next. Lets see what git -help can provide us with info:

git help menu

hmm.. Lets see if “git show” can provide any clue…

and.. profit! XD

ah! found it! so the flag is: “wgmy:{AdminGitGudPlease}

Wargames 2017 – Challenge 9 : unreachable

The question is:

"The critical server seems unreachable. The sysadmin tries to identify the cause of it..but weird..he is doing it backwardly."
http://files.wargames.my/2/p100.7zv
question for challenge 2
question for challenge 2

and the hint given to us:

hint for challenge 2
hint for challenge 2

so… RFC 792 – something related to ICMP/ping yada yada
so we open the pcap file in Wireshark, view only ICMP protocol:

open pcap using wireshark & then filter ICMP only

we can see ICMP traffic involving 2 IPs; 192.168.1.8 & 192.168.1.10

after digging around, I find out there is some “unique differences” at ping identification number; offset 0010. this involving IP 192.168.1.8:

lets use tshark to see it clearly:

tshark -r pcap1-100_1_copy.pcapng -x 'icmp and ip.src==192.168.1.8' | grep 0010
use tshark & grep offset 0010

as noted in the hint above; “he is tracing backwardly.”

so the flag is: flag_is_p!ngp0ng~
but actually…. the flag is: p!ngp0ng~ =.=’