✍️
CTFs
Home
  • CTF Writeups
  • Tools and Payloads
  • TryHackMe
    • TryHackMe Overview
      • Advent of Cyber 2
        • Day 01 - Christmas Crisis
        • Day 02 - The Elf Strikes Back!
        • Day 03 - Christmas Chaos
        • Day 04 - Santa's Watching
        • Day 05 - Someone stole Santa's gift list!
        • Day 06 - Be careful with what you wish on a Christmas night
        • Day 07 - The Grinch Really Did Steal Christmas
        • Day 08 - What's Under the Christmas Tree?
        • Day 09 - Anyone can be Santa!
        • Day 10 - Don't be sElfish!
        • Day 11 - The Rogue Gnome
        • Day 12 - Ready, set, elf
        • Day 13 - Coal for Christmas
        • Day 14 - Where's Rudolph?
        • Day 15 - There's a Python in my stocking!
        • Day 16 - Help! Where is Santa?
        • Day 17 - ReverseELFneering
        • Day 18 - The Bits of Christmas
        • Day 19 - The Naughty or Nice List
        • Day 20 - PowershELlF to the rescue
        • Day 21 - Time for some ELForensics
        • Day 22 - Elf McEager becomes CyberElf
        • Day 23 - The Grinch strikes again!
        • Day 24 - The Trial Before Christmas
      • Web Fundamentals
      • Anonymous
      • Printer Hacking 101
      • OWASP Top 10
        • Injection
        • Broken Authentication
        • Sensitive Data Exposure
        • XML External Entity
        • Broken Access Control
        • Security Misconfiguration
        • Cross-Site Scripting
        • Insecure Deserialization
        • Components with Known Vulnerabilities
        • Insufficent Logging & Monitoring
      • Vulnversity
      • Nmap
      • Google Dorking
      • Blog
      • Metasploit
      • OhSINT
      • Searchlight - IMINT
      • Basic Pentesting
      • Crack the Hash
      • Crack the Hash 2
      • Year of the Jellyfish
      • VulnNet - DotJar
      • Encryption - Crypto 101
      • CC: Pen Testing
      • Kenobi
      • Linux Backdoors
      • Root Me
      • DNS Manipulation
      • OWASP Juice Shop
      • Pickle Rick
      • CC: Steganography
      • OverPass
      • OverPass 2 - Hacked
      • OverPass 3 - Hosting
      • Mr Robot CTF
      • VulnNet
      • Linux PrivEsc
      • Git Happens
      • Buffer Overflow Prep
      • BrainPan
      • CC: Ghidra
      • Intro to x86-64
      • CC: Radare2
      • Linux Forensics
      • ReverseEngineering
      • Reversing ELF
      • Simple CTF
      • c4ptur3-th3-fl4g
      • Cat Pictures
      • Bounty Hacker
      • That's the Ticket
      • Brute It
      • Smag Grotto
      • Ignite
      • Ninja Skills
      • Break It
      • Mustacchio
      • Agent Sudo
      • Poster
      • Fowsniff CTF
      • Juicy Details
      • The Impossible Challenge
      • Golden Eye
      • Lian_Yu
      • Couch
      • GateKeeper
      • WebAppSec 101
      • Advent of Cyber 1
        • Day 01 - Inventory Management
        • Day 02 - Arctic Forum
        • Day 03 - Evil Elf
        • Day 04 - Training
        • Day 05 - Ho-Ho-Hosint
        • Day 06 - Data Elf-iltration
        • Day 07 - Skilling Up
        • Day 08 - SUID Shenanigans
        • Day 09 - Requests
        • Day 10 - Metasploit-a-ho-ho-ho
        • Day 11 - Elf Applications
        • Day 12 - Elfcryption
        • Day 13 - Accumulate
        • Day 14 - Unknown Storage
      • Hacker of the Hill
  • HackTheBox
    • HackTheBox Overview
      • Emdee five for life
      • Templated
      • Phonebook
  • HackTheBox Academy
    • HTB Academy Overview
  • PortSwigger Academy
    • PortSwigger Overview
      • Authenication bypass via OAuth implicit flow
      • Forced Oauth Profile Linking
      • OAuth account hijacking via redirect_uri
      • Stealing OAuth access tokens via an open redirect
      • Stealing OAuth access tokens via a proxy page
  • 2021 CTFs
    • Gurugram Cyber Heist CTF 2021
      • All About Web
      • Are You Web Expert
      • Mobile Phones are Bad
      • The Last Step
      • Social Media Havoc
    • ZH3R0 CTF 2.0 2021
      • Misc - Small Maniac's Game
      • Web - bxss
      • Web - Sparta
      • Web - Baby SSRF
      • Web - Original Store v1 and v2
      • Web - strpos and substr
    • NahamCon 2021
      • esab64
      • Bionic & Meet the Team
      • Gus & Hercules
      • Pollex
  • 2020 CTFs
    • VulnCon2020 Overview
      • Noob Bot Welcomes You!
      • Maze
      • Pcaped
Powered by GitBook
On this page
  • Whats the destination IP on packet number 998?
  • What item is on the Christmas list?
  • Crack buddy's password!
  1. TryHackMe
  2. TryHackMe Overview
  3. Advent of Cyber 1

Day 03 - Evil Elf

Date: 26, May, 2021

Author: Dhilip Sanjay S


  • Download the pcap file.

  • Open it using Wireshark.

Whats the destination IP on packet number 998?

  • Answer: 63.32.89.195


What item is on the Christmas list?

  • Answer: ps4

  • Steps to Reproduce:

    • We can't find useful information in SSL encrypted packet.

    • So look for telnet protocol (Unencrypted)

    • You'll obtain 3 packets.

    • Open the Telnet data of Packet 2255 and you'll find:

    echo 'ps4' > christmas_list.txt

Crack buddy's password!

  • Answer: rainbow

  • Steps to Reproduce:

    • Open the Telnet Data of Packet 2908

    • You'll find the contents of /etc/shadow file.

    • Copy and save the hash of buddy. (It is sha512 hash)

    • Use john or hashcat to crack the hash

    $ john hash.txt --wordlist=/usr/share/wordlists/rockyou.txt 
    Using default input encoding: UTF-8
    Loaded 1 password hash (sha512crypt, crypt(3) $6$ [SHA512 256/256 AVX2 4x])
    Cost 1 (iteration count) is 5000 for all loaded hashes
    Press 'q' or Ctrl-C to abort, almost any other key for status
    rainbow          (?)
    1g 0:00:00:00 DONE (2021-05-26 12:28) 5.555g/s 1422p/s 1422c/s 1422C/s carolina..freedom
    Use the "--show" option to display all of the cracked passwords reliably
    Session completed

PreviousDay 02 - Arctic ForumNextDay 04 - Training

Last updated 1 year ago