Psycho Break
Psycho Break
Psycho Break
Help Sebastian and his team of investigators to withstand the dangers that come ahead.
This room is based on a video game called evil within. I am a huge fan of this game. So I decided to make a CTF on it. With my storyline :). Your job is to help Sebastian and his team of investigators to withstand the dangers that come aheah.
Recon
- How many ports are open?
- I run rustscan against IP to get active port in less time
1
21,22,80
- What is the operating system that runs on the target machine?
- I run nmap with -O option to enable OS detection
1
sudo nmap -O -p 21,22,80 $ip -vv
- OS may be linux but i don’t get exact debian version of linux
- So i use -sV option to enable Version detection
1
nmap -sV -p 21,22,80 $ip -v
- I found that ssh running on
UbuntuLinux with version7.2p2
Web
- Key to the looker room
- As port 80 is open i go to web page to gather some more information and found
/sadistRoomdirectory at source code
- As port 80 is open i go to web page to gather some more information and found
- When i go at above location, i found Key to locker Room:
532219a04ab7a02b56faafbec1a4c1ea
- Key to access the map
- After we have to enter key to locker room which we find earlier.
- Here it say decode this
Tizmg_nv_zxxvhh_gl_gsv_nzk_kovzhvto get key to access the map.
- So i use hash-identifier but no luck it cannot identify any encryption algo so i decided to go and give a try with online tool https://www.dcode.fr/cipher-identifier
- I get many cipher but most likely is top 3.
- So to decrypt it, I also use online tool for this.
- First i go with
Atbash Cipher:https://www.dcode.fr/atbash-cipher
- Lucky enough i get my key on first attempt.
- Key:
Grant_me_access_to_the_map_please
- The Keeper Key
- I enter key to access the map
- Now i go to Safe Heaven to complete my next challenge.
- View source code and found something related to search so i think it has some hidden directories.
- So I perform directory enumeration using
ffuf - If you don’t have
ffufin your linux machine just run below command to install it
1
git clone https://github.com/ffuf/ffuf ; cd ffuf ; go get ; go build ; sudo mv ffuf /usr/local/bin
- Now i run ffuf again $ip/SafeHeaven
1
ffuf -w /usr/share/wordlists/dirbuster/directory-list-2.3-medium.txt -u http://$ip/SafeHeaven/FUZZ -c -v -t 60 -ic
- I found one interesting directory keeper
- I navigate to $ip/keeper and click on Escape Keeper.
- I have less than 2 minutes time to get code to get key
- Found Something interesting in source code. It say i have search this image on google.
- I get
St.Augustine Lighthouse
- I enter and navigate to key page
- Key:
48ee41458eb0b43bf82b986cecf3af01
- What is the filename of the text file (without the file extension)
- I go to abandonedRoom and enter Keeper Key which we found above
- On click Go Further i redirect to below page
- Source Code of above page has something interesting comments
- Here it mention there is something like “shell” on current page. So i pass parameter in url with command as value like: /?shell=ls
- And yeah its working
- We need file name so i guess it is located at previous directory as challenge also start from that directory so i run ls .. to see content of previous directory
- But no luck it is not file as we expected but it looks like directory so i paste first segment that is
680e89809965ec41e64dc7e447f175aband paste it into url. And we found something interesting that is we got file name i.e.,you_made_it
Help Me
Coming Soon
This post is licensed under CC BY 4.0 by the author.