3. Have a l00k?!?!
Dude…
I can’t see sh*t!!
What we got:
● HTML only website
● No juicy HTML or JS comments
What can we do??
● Let’s go Neanderthal on it and fuzz ALL the things!!!
5. Houston we have the sauce code!!
$ wget --mirror http://summerchallenge.apl3b.com/002E95AC03439AF96A79E469AB9B5C872E4A51EE5BEFE23ADEFDE27D148A1ED2F9E90E404859ED34D25836D81268DE9C50E773E4529D434FABA9D9797A1362FD/.git/
$ git reset --hard
HEAD is now at f2c9fd9 Update 8JUCv3fZ44.html
$ curl http://summerchallenge.apl3b.com/002E95AC03439AF96A79E469AB9B5C872E4A51EE5BEFE23ADEFDE27D148A1ED2F9E90E404859ED34D25836D81268DE9C50E773E4529D434FABA9D9797A1362FD/8JUCv3fZ44.html
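From the defender's side, the leak on this slide is a .git directory sitting inside the served web root. The pre-deploy check below is an added example, not part of the original slides; the function names and the sample tree are constructed for illustration.

```python
import os
import tempfile

# Version-control metadata directories that should never sit under a served document root.
VCS_DIRS = {".git", ".svn", ".hg"}
# Entries git needs in order to recognise a directory as a repository.
# If all are present, a mirrored copy can be checked out again with `git reset --hard`.
GIT_RESTORE_PARTS = ("HEAD", "objects", "refs")


def find_exposed_vcs(docroot):
    """Return (relative_path, kind, restorable) for each VCS directory under docroot."""
    findings = []
    for current, dirs, _files in os.walk(docroot):
        for name in sorted(dirs):
            if name not in VCS_DIRS:
                continue
            full = os.path.join(current, name)
            restorable = name == ".git" and all(
                os.path.exists(os.path.join(full, part)) for part in GIT_RESTORE_PARTS
            )
            findings.append((os.path.relpath(full, docroot), name, restorable))
        # Do not descend into the metadata directories themselves.
        dirs[:] = [d for d in dirs if d not in VCS_DIRS]
    return findings


def build_sample_docroot(base):
    """Constructed sample: a static site deployed by copying a git working tree."""
    os.makedirs(os.path.join(base, ".git", "objects"))
    os.makedirs(os.path.join(base, ".git", "refs", "heads"))
    with open(os.path.join(base, ".git", "HEAD"), "w") as fh:
        fh.write("ref: refs/heads/master\n")
    with open(os.path.join(base, "index.html"), "w") as fh:
        fh.write("<html></html>\n")
    os.makedirs(os.path.join(base, "assets", ".svn"))
    return base


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        for path, kind, restorable in find_exposed_vcs(build_sample_docroot(tmp)):
            note = "working tree restorable" if restorable else "metadata present"
            print(f"{path}: {kind} ({note})")
```

Run it against the directory that will be published and fail the deploy when the list is not empty.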
7. Lost In Translation
Dafuq am I reading???
What we got:
● Weird looking language or code. Is it a programming language?
What can we do??
● Let’s Google-Fu it!
Google:
“weird programming language”
17. We love Web 2.0
What we got:
● Very old WordPress instance.
What can we do??
● WPScan FTW!...
● Or… Let’s just go Neanderthal on the login form, use a dictionary attack and hope we...
21. Explorer
What we got:
● Web Shell on the WordPress instance.
● MySQL Credentials.
What can we do??
● What other services is the server running?
● Are the MySQL credentials reused, and do they work on more services?
23. Climbing to the Moon
What we got:
● SSH access to the box.
● Low privilege non root shell.
What can we do??
● Google for Privilege Escalation Techniques and Tools and not just Exploits.
● Enumerate ALL the things.