Tag Archives: wargames2017

Wargames 2017 – Challenge 12 : ezfile sharing

Leave a reply

Challenge 12 : ezfile sharing

question for challenge 12

and the hint for this challenge:

hint for challenge 12

one of our teammate was fuzzing around the website and found “.git” folder.
seems related to the hint.
we try to browse the folder/path:

.git folder/path

as a “layman” person (please guys, don’t try this at home. or any other place. wkwkwkwk), I’ve gone too far by downloading all the git folder (recursively):

download all git folder content

lets see what git -help can provide us with info:

git help menu

hmm.. lets see if “git show” can provide any clue…

and.. profit! XD

so the flag is: “wgmy:{AdminGitGudPlease}”

Wargames 2017 – Challenge 9 : unreachable

Leave a reply

the question is:

"The critical server seems unreachable. The sysadmin tries to identify the cause of it..but weird..he is doing it backwardly."
http://files.wargames.my/2/p100.7zv
question for challenge 2

question for challenge 2

and the hint given to us:

hint for challenge 2

hint for challenge 2

so… RFC 792 – something related to ICMP/ping yada yada
so we open the pcap file in Wireshark, view only ICMP protocol:

open pcap using wireshark & then filter ICMP only

we can see ICMP traffic involving 2 IPs; 192.168.1.8 & 192.168.1.10
after digging around, I find out there is some “unique differences” at ping identification number; offset 0010. this involving IP 192.168.1.8.

lets use tshark to see it clearly:

tshark -r pcap1-100_1_copy.pcapng -x 'icmp and ip.src==192.168.1.8' | grep 0010

use tshark & grep offset 0010

as noted in the hint above;
“he is tracing backwardly.”

the flag is: flag_is_p!ngp0ng~
but actually…. the flag is: p!ngp0ng~