TAMU CTF 2019 Writeups

  1. Pwn
    1. Pwn1
    2. Pwn2
    3. Pwn3
    4. Pwn4
    5. Pwn5
  2. Network/pentest
    1. Stop and listen
    2. Wordpress
    3. Calculator


Challenge Description:

Using a teletype network protocol from the 70s to access a calculator from the 70s? Far out!
Note to new players: You won't see anything in Wireshark / tcpdump when you initially connect. (i.e. packets are sent unicast on a bridged network)

openvpn ConfigFile:

Configure the .ovpn file

Give a quick nmap to give you a list of ips in network... in which one is listening at port 23 i.e Telnet

Telnet is vulnerable to Creadential harvesting using MITM .... so I did an MITM ATACK to server to see what was going b/w computers on network(Actually there were only two computers)

I used ettercap for that.... After setting up MItm i just see the connection and guess what some one just logged in to telnet server using alice username and password....


So username is alice and password is 58318008

so i logged in with these creadential in telnet server


after wasting around 20 minutes in finding some suid binaries and other vulnerability.....
it came out that it was pretty easy challenge... all i have to do is see hidden files in home

so there was the flag...
it can be a better challenge.....