0% found this document useful (0 votes)

25 views8 pages

CTF - TakeOver - Braice-1

Uploaded by

Cristiano Chagas

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

25 views8 pages

CTF - TakeOver - Braice-1

Uploaded by

Cristiano Chagas

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 8

Adicionei o DNS ao hosts para poder acessar com o nome do site

NMAP
Utilizei o Ffuf para enumerar os domínios e encontrei dois “blog” e “support”
Adicionei ao hosts da mesma forma

Utilizei o NMAP nos domínios que encontrei utilizando o script do SSL

Support
┌──(root㉿kali)-[~]
└─# nmap --script=ssl-cert support.futurevera.thm
Starting Nmap 7.93 ( https://nmap.org ) at 2023-04-26 23:17 -03
Nmap scan report for support.futurevera.thm (10.10.83.122)
Host is up (0.21s latency).
rDNS record for 10.10.83.122: futurevera.thm
Not shown: 997 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
| ssl-cert: Subject:
commonName=support.futurevera.thm/organizationName=Futurevera/stateOrProvinceNam
e=Oregon/countryName=US
| Subject Alternative Name: DNS:secrethelpdesk934752.support.futurevera.thm
| Issuer:
commonName=support.futurevera.thm/organizationName=Futurevera/stateOrProvinceNam
e=Oregon/countryName=US
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2022-03-13T14:26:24
| Not valid after: 2024-03-12T14:26:24
| MD5: aef3dd042e6ae9196b68ac30c2d1177a
|_SHA-1: d62ec5cadbe8c933359faa67f0adf6e7e4fee395

Nmap done: 1 IP address (1 host up) scanned in 3.75 seconds

Blog
┌──(root㉿kali)-[~]
└─# nmap --script=ssl-cert blog.futurevera.thm -v
Starting Nmap 7.93 ( https://nmap.org ) at 2023-04-26 23:13 -03
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
Initiating NSE at 23:13
Completed NSE at 23:13, 0.00s elapsed
Initiating Ping Scan at 23:13
Scanning blog.futurevera.thm (10.10.83.122) [4 ports]
Completed Ping Scan at 23:13, 0.24s elapsed (1 total hosts)
Initiating SYN Stealth Scan at 23:13
Scanning blog.futurevera.thm (10.10.83.122) [1000 ports]
Discovered open port 443/tcp on 10.10.83.122
Discovered open port 22/tcp on 10.10.83.122
Discovered open port 80/tcp on 10.10.83.122
Completed SYN Stealth Scan at 23:13, 3.31s elapsed (1000 total ports)
NSE: Script scanning 10.10.83.122.
Initiating NSE at 23:13
Completed NSE at 23:13, 0.85s elapsed
Nmap scan report for blog.futurevera.thm (10.10.83.122)
Host is up (0.21s latency).
rDNS record for 10.10.83.122: futurevera.thm
Not shown: 997 closed tcp ports (reset)
PORT STATE SERVICE
22/tcp open ssh
80/tcp open http
443/tcp open https
| ssl-cert: Subject:
commonName=blog.futurevera.thm/organizationName=Futurevera/stateOrProvinceName=O
regon/countryName=US/localityName=Portland/organizationalUnitName=Thm
| Issuer:
commonName=blog.futurevera.thm/organizationName=Futurevera/stateOrProvinceName=O
regon/countryName=US/localityName=Portland/organizationalUnitName=Thm
| Public Key type: rsa
| Public Key bits: 2048
| Signature Algorithm: sha256WithRSAEncryption
| Not valid before: 2022-03-13T10:22:57
| Not valid after: 2023-03-13T10:22:57
| MD5: 8df0656c3814dd46c6ed5371e007d0e9
| SHA-1: 6641a3bdc9f787f0bc84171abce4897b3711d28e
| -----BEGIN CERTIFICATE-----
| MIIDxTCCAq2gAwIBAgIUJie9L3vwGYpL8luc5TrjUcrvsbgwDQYJKoZIhvcNAQEL
|
BQAwcjELMAkGA1UEBhMCVVMxDzANBgNVBAgMBk9yZWdvbjERMA8GA1UEBwwIUG9y
|
dGxhbmQxEzARBgNVBAoMCkZ1dHVyZXZlcmExDDAKBgNVBAsMA1RobTEcMBoGA1UE
| AwwTYmxvZy5mdXR1cmV2ZXJhLnRobTAeFw0yMjAzMTMxMDIyNTdaFw0yMzAzMTMx
| MDIyNTdaMHIxCzAJBgNVBAYTAlVTMQ8wDQYDVQQIDAZPcmVnb24xETAPBgNVBAcM
|
CFBvcnRsYW5kMRMwEQYDVQQKDApGdXR1cmV2ZXJhMQwwCgYDVQQLDANUaG0xH
DAa
| BgNVBAMME2Jsb2cuZnV0dXJldmVyYS50aG0wggEiMA0GCSqGSIb3DQEBAQUAA4IB
| DwAwggEKAoIBAQDLb/c9he3qhs9H7OwS+pRejtkc984rK5VGiQU1fBlHS9j90Jze
| NWEtMy3xVlqS8aBxBZCw0AgT2lb/GPk5pvnm9QqRDGGEoAViBQ/GJlSN5uzJmx3D
| KyGq0/XznTVfqXUfZciR+LQxXTeXyP2L+OFdRvSiLPnQExkN6Aeii4yhfIRsBE/W
| J99Pc7pJHngpwx6KbSv8cO9euG/GfS4aV6EovopYiLuIbDTdokFh9YLVioo7VAvN
| ZMv3ALq6qBNRxn+3QNFCCoMFsTQh6KIGAKtqra6pVo10UP8c9mKb/6peHKUZ1AEP
| s0tIOLyD8aXl5Tk01xxgB0iz6TKxV4/cQnh5AgMBAAGjUzBRMB0GA1UdDgQWBBRk
| ctuhbchdiLIibTgc2mh+4JAiYTAfBgNVHSMEGDAWgBRkctuhbchdiLIibTgc2mh+
| 4JAiYTAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQARfZJ/c05S
| BpXJzgHCIrnda/18cfgLJnJXedN9VXNH/Dywr2JRioigzPbNFBjnAw1xo14T82QF
| Y4jkDLw/PQMDgkC70rotYa3Fm58oaGOUpnv8rbNR8jvX6omlwNQHncxWNzqMTFMZ
| GZkn5Xn3UjP+GBsqQZ+vcYp8pKB7Cy69BWKahEJQHRmXC2iyOcOfhz85wzO1dJKz
| fZ4OTTd7IaTwvaPNc6J0flGidEBXQOydOF/M9aQKK7nrERZzY09U7WwgvPrr03ng
| NQCf6Q/rrb4W0plWdL2AEZASQtsU1sqA1WUrttOsfZvaLFyzDOQgF3tNGeWE2RP6
| zHh0LjHZJfsZ
|_-----END CERTIFICATE-----

NSE: Script Post-scanning.

Initiating NSE at 23:13
Completed NSE at 23:13, 0.00s elapsed
Read data files from: /usr/bin/../share/nmap
Nmap done: 1 IP address (1 host up) scanned in 4.73 seconds
Raw packets sent: 1004 (44.152KB) | Rcvd: 1001 (40.040KB)
Peguei o subdomínio que foi mostrado no NMAP do support e inseri nos hosts também

Quando acessei na mensagem de erro estava a flag da room.

9.3.8 Lab - Exploring Nmap
No ratings yet
9.3.8 Lab - Exploring Nmap
6 pages
OPC DA 2.05a Specification
100% (1)
OPC DA 2.05a Specification
194 pages
Seguranca Ofensiva
No ratings yet
Seguranca Ofensiva
12 pages
Sohan - Saha - Takeover Report
No ratings yet
Sohan - Saha - Takeover Report
7 pages
Vuln 2
No ratings yet
Vuln 2
2 pages
Openvas Scanner Output 2024-07-09
No ratings yet
Openvas Scanner Output 2024-07-09
133 pages
Nmap
No ratings yet
Nmap
15 pages
Scan MV
No ratings yet
Scan MV
1 page
Ta 3CS
No ratings yet
Ta 3CS
12 pages
IT Systems Security: Submitted By: Submitted To: Ayush Sharma Dr. Adarsh Kumar 500061524 R134217045 Cse-Csf (Vi) B1
No ratings yet
IT Systems Security: Submitted By: Submitted To: Ayush Sharma Dr. Adarsh Kumar 500061524 R134217045 Cse-Csf (Vi) B1
15 pages
Tarama Sonuçları
No ratings yet
Tarama Sonuçları
2 pages
Nmapoutputtest
No ratings yet
Nmapoutputtest
2 pages
Lab 3
No ratings yet
Lab 3
7 pages
PortScanServiçosRede 1
No ratings yet
PortScanServiçosRede 1
5 pages
Hackthebox Backdoor: Prepared by Imamrahman15
No ratings yet
Hackthebox Backdoor: Prepared by Imamrahman15
17 pages
Informe Completo
No ratings yet
Informe Completo
25 pages
EHE Toutrial
No ratings yet
EHE Toutrial
52 pages
#Penetration Testing in The Real World
No ratings yet
#Penetration Testing in The Real World
97 pages
Anjali Nmap Assignment 1
No ratings yet
Anjali Nmap Assignment 1
2 pages
PentestTools TcpPortScan Report
No ratings yet
PentestTools TcpPortScan Report
1 page
Report Network Hack
No ratings yet
Report Network Hack
7 pages
9.3.8 Lab Exploring Nmap
No ratings yet
9.3.8 Lab Exploring Nmap
6 pages
9.3.8 Lab - Exploring Nmap
No ratings yet
9.3.8 Lab - Exploring Nmap
7 pages
Nmap Result
No ratings yet
Nmap Result
2 pages
Escaneo de Puertos
No ratings yet
Escaneo de Puertos
70 pages
Free DNS List
No ratings yet
Free DNS List
4 pages
Vuln
No ratings yet
Vuln
2 pages
Nmap - Scanning The Internet
No ratings yet
Nmap - Scanning The Internet
45 pages
bhdc08 Slides Fyodor PDF
No ratings yet
bhdc08 Slides Fyodor PDF
45 pages
Nmap
No ratings yet
Nmap
45 pages
Attack Common Services
No ratings yet
Attack Common Services
22 pages
Kali
No ratings yet
Kali
10 pages
Cen Sys and Se Toolkit
No ratings yet
Cen Sys and Se Toolkit
10 pages
1 - Recon
No ratings yet
1 - Recon
6 pages
VAPTTT
No ratings yet
VAPTTT
46 pages
NMAP
No ratings yet
NMAP
21 pages
Pit
No ratings yet
Pit
15 pages
Kishan Cs LM
No ratings yet
Kishan Cs LM
81 pages
Nmap Wireshark Guide
No ratings yet
Nmap Wireshark Guide
3 pages
Information Gathering and Vulnerability Assessment Report For CyberSapiens PDF
No ratings yet
Information Gathering and Vulnerability Assessment Report For CyberSapiens PDF
22 pages
Port Scanning Technique OSCP
No ratings yet
Port Scanning Technique OSCP
17 pages
Digitalworld - Local Mercy Walkthrough SOG - Re
No ratings yet
Digitalworld - Local Mercy Walkthrough SOG - Re
1 page
CompTIA Security+: Network Attacks
From Everand
CompTIA Security+: Network Attacks
AS Snipes
5/5 (1)
Nmap Cheat Sheet
No ratings yet
Nmap Cheat Sheet
3 pages
Tekcloud TX Firewall
No ratings yet
Tekcloud TX Firewall
217 pages
NAGIOS Inspeção Relatório de Dados
No ratings yet
NAGIOS Inspeção Relatório de Dados
2 pages
SAML2 Configuration For SAP Firoi Gateway For Non-Production - NV1 - Amssap75
No ratings yet
SAML2 Configuration For SAP Firoi Gateway For Non-Production - NV1 - Amssap75
46 pages
Datos
No ratings yet
Datos
4 pages
Configuration of a Simple Samba File Server, Quota and Schedule Backup
From Everand
Configuration of a Simple Samba File Server, Quota and Schedule Backup
Dr. Hidaia Mahmood Alassouli
No ratings yet
Network Scanning Complete
No ratings yet
Network Scanning Complete
41 pages
Hacking Tools Cheat Sheet: Basic Linux Networking Tools
100% (4)
Hacking Tools Cheat Sheet: Basic Linux Networking Tools
2 pages
9.3.8 Lab - Exploring Nmap
No ratings yet
9.3.8 Lab - Exploring Nmap
7 pages
Zenmap
No ratings yet
Zenmap
8 pages
Chatgpt Chatgpt
No ratings yet
Chatgpt Chatgpt
22 pages
Nmap Analysis
No ratings yet
Nmap Analysis
3 pages
4.5.2.10 Lab - Exploring Nmap
No ratings yet
4.5.2.10 Lab - Exploring Nmap
8 pages
Red Team Capstone Network - Kesaya Write-Up
No ratings yet
Red Team Capstone Network - Kesaya Write-Up
43 pages
9.3.8 Lab - Exploring Nmap
No ratings yet
9.3.8 Lab - Exploring Nmap
7 pages
Results
No ratings yet
Results
25 pages
Vulnerability Scan
No ratings yet
Vulnerability Scan
66 pages
Final Results
No ratings yet
Final Results
17 pages
s3900 24f4s Switch Typical Network Solution
No ratings yet
s3900 24f4s Switch Typical Network Solution
7 pages
Software Engineer Job Description
No ratings yet
Software Engineer Job Description
5 pages
PYTHON PROGRAMMING March 2021
No ratings yet
PYTHON PROGRAMMING March 2021
8 pages
Business Requirement Document (BRD)
No ratings yet
Business Requirement Document (BRD)
5 pages
New Text Document
No ratings yet
New Text Document
15 pages
Example Vulnerability Patch Management Program VPMP
No ratings yet
Example Vulnerability Patch Management Program VPMP
13 pages
Sysiot SR Ru123g05b
No ratings yet
Sysiot SR Ru123g05b
3 pages
Javelin DNA Series
No ratings yet
Javelin DNA Series
3 pages
Systems Analysis and Design in A Changing World, Fifth Edition
No ratings yet
Systems Analysis and Design in A Changing World, Fifth Edition
26 pages
Core Aruba 1 New
No ratings yet
Core Aruba 1 New
12 pages
APROG - PL - Intellij - Tutorial - EN
No ratings yet
APROG - PL - Intellij - Tutorial - EN
6 pages
DS Assignment 01
No ratings yet
DS Assignment 01
6 pages
CS F351 - TOC - Dr. Raghunath Reddy (2023-24)
No ratings yet
CS F351 - TOC - Dr. Raghunath Reddy (2023-24)
2 pages
Brochure Springer10 PDF
No ratings yet
Brochure Springer10 PDF
2 pages
Home Security System With Face Recognition Based On Convolutional Neural Network
No ratings yet
Home Security System With Face Recognition Based On Convolutional Neural Network
5 pages
An1218 PDF
No ratings yet
An1218 PDF
56 pages
Sns-En-Cli Console SSH Commands Reference Guide-V4
No ratings yet
Sns-En-Cli Console SSH Commands Reference Guide-V4
163 pages
DCN Notes
No ratings yet
DCN Notes
34 pages
Student Registration Form Using Table in HTML and CSS
No ratings yet
Student Registration Form Using Table in HTML and CSS
7 pages
Presentation On:: Multi-Threading and Thread Synchronization
No ratings yet
Presentation On:: Multi-Threading and Thread Synchronization
24 pages
Technical Reference Manual
No ratings yet
Technical Reference Manual
100 pages
Isilon Cluster Shutdown
100% (1)
Isilon Cluster Shutdown
12 pages
Wireless M Bus in Industrial IoT Technol
No ratings yet
Wireless M Bus in Industrial IoT Technol
6 pages
CDATA-XPON ONU - FD514GD-R460 (4GE+2WIFI) Datasheet
No ratings yet
CDATA-XPON ONU - FD514GD-R460 (4GE+2WIFI) Datasheet
4 pages
Networking For DevOps Complete Notes 1739926268
No ratings yet
Networking For DevOps Complete Notes 1739926268
14 pages
C++ Chapter 5 Arrays and String
No ratings yet
C++ Chapter 5 Arrays and String
15 pages
GC 2024 12 30
No ratings yet
GC 2024 12 30
11 pages
Redis Java
No ratings yet
Redis Java
2 pages
DBMS Journal Guidelines
No ratings yet
DBMS Journal Guidelines
7 pages

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

CTF - TakeOver - Braice-1

Uploaded by

CTF - TakeOver - Braice-1

Uploaded by

Adicionei o DNS ao hosts para poder acessar com o nome do site

Utilizei o NMAP nos domínios que encontrei utilizando o script do SSL

Nmap done: 1 IP address (1 host up) scanned in 3.75 seconds

NSE: Script Post-scanning.

Quando acessei na mensagem de erro estava a flag da room.

You might also like

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.