https://ctftime.org/event/2396 [forensics] bom [forensics] packed [forensics] crash [forensics] routed [forensics] System Hardening 10 解けなかった [web] readme 解いたが解けてない。 [web] journal [web] P2C [web] crystals [forensics] bom ch…

以下設問たくさんありますが、1つの問題です。 問題の概要 最終形 解く前に Forensics Question Forensics Question 1 - 6 pts 解けなかった Forensics Question 2 - 6 pts Forensics Question 3 - 6 pts Forensics Question 4 - 6 pts Forensics Question 5…

https://app.hackthebox.com/sherlocks/Tracer Hack The Box Sherlocksとは Sherlock Scenario A junior SOC analyst on duty has reported multiple alerts indicating the presence of PsExec on a workstation. They verified the alerts and escalated t…

https://app.hackthebox.com/sherlocks/ProcNet Hack The Box Sherlocksとは Sherlock Scenario With the rising utilization of open-source C2 frameworks by threat actors, our red team has simulated the functionalities of one such widely employed…

https://app.hackthebox.com/sherlocks/Ore Hack The Box Sherlocksとは Sherlock Scenario One of our technical partners are currently managing our AWS infrastructure. We requested the deployment of some technology into the cloud. The solution …

https://app.hackthebox.com/sherlocks/Nubilum-1 Hack The Box Sherlocksとは Sherlock Scenario Our cloud administration team recently received a warning from Amazon that an EC2 instance deployed in our cloud environment is being utilised for …

https://app.hackthebox.com/sherlocks/Noted Hack The Box Sherlocksとは Sherlock Scenario Simon, a developer working at Forela, notified the CERT team about a note that appeared on his desktop. The note claimed that his system had been compr…

https://app.hackthebox.com/sherlocks/Lockpick2.0 Hack The Box Sherlocksとは Sherlock Scenario We've been hit by Ransomware again, but this time the threat actor seems to have upped their skillset. Once again a they've managed to encrypt a …

https://app.hackthebox.com/sherlocks/Lockpick Hack The Box Sherlocksとは Sherlock Scenario Forela needs your help! A whole portion of our UNIX servers have been hit with what we think is ransomware. We are refusing to pay the attackers and…

https://app.hackthebox.com/sherlocks/Litter Hack The Box Sherlocksとは Sherlock Scenario Khalid has just logged onto a host that he and his team use as a testing host for many different purposes, it’s off their corporate network but has ac…

https://app.hackthebox.com/sherlocks/Hyperfiletable Hack The Box Sherlocksとは Sherlock Scenario There has been a new joiner in Forela, they have downloaded their onboarding documentation, however someone has managed to phish the user with…

https://app.hackthebox.com/sherlocks/Einladen Hack The Box Sherlocksとは Sherlock Scenario Our staff recently received an invite to the German embassy to bid farewell to the Germany Ambassador. We believe this invite was a phishing email d…

https://app.hackthebox.com/sherlocks/Constellation Hack The Box Sherlocksとは Sherlock Scenario The SOC team has recently been alerted to the potential existence of an insider threat. The suspect employee's workstation has been secured and…

https://ctftime.org/event/2416 [Web] Introspection [Web] Style Query Listing...? [Web] Heads or Tails? [Web] Indoor WebApp [Web] Introspection ソースコード無し。フラグを入力するサイトが与えられる。Burp Suiteを起動してサイトを巡回すると/scr…

https://ctftime.org/event/2284 [Web] parrot the emu [Web] zoo feedback form [Web] co2 [Web] co2v2 GET /でHTMLを埋め込む CSPのnonceを固定化する 攻撃をまとめる [Web] hah got em [Web] i am confusion [Forensics] Baby's First Forensics [Forensi…

https://ctftime.org/event/2275 [Web] Fare Evasion [Web] Log Action [Web] Fare Evasion ソースコード無し。I'm a Passengerという押せるボタンとI'm a Conductorという押せないボタンが置いてある。アクセスすると以下のようなJWTが手に入る。 eyJhbGciO…