-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
20 changed files
with
75 additions
and
3 deletions.
There are no files selected for viewing
24 changes: 23 additions & 1 deletion
24
...top-talent-2024-senior-qualifier/challenges/network-security/encrypted-c2-v2.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,25 @@ | ||
# Encrypted C2 v2 | ||
|
||
## WIP | ||
![1.png](../../images/network-security/encrypted-c2-v2/1.png) | ||
|
||
[open_netsec3.pcapng](../../files/open_netsec3.pcapng) | ||
|
||
## Solving | ||
|
||
![2.png](../../images/network-security/encrypted-c2-v2/2.png) | ||
|
||
export ไว้รอเลย | ||
|
||
![3.png](../../images/network-security/encrypted-c2-v2/3.png) | ||
|
||
จากที่ดูคือเราต้องเอา maps ไปใช้ในการถอดรหัส จะได้จาก handshake และ ข้อความจะเกิดขึ้นตอน callback | ||
|
||
![4.png](../../images/network-security/encrypted-c2-v2/4.png) | ||
|
||
เราเลยเขียน code loop ถอดมันทุกแบบไปเลย | ||
|
||
## Result | ||
|
||
![5.png](../../images/network-security/encrypted-c2-v2/5.png) | ||
|
||
it work |
32 changes: 31 additions & 1 deletion
32
...ber-top-talent-2024-senior-qualifier/challenges/network-security/http-mayhem.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,33 @@ | ||
# HTTP Mayhem | ||
|
||
## WIP | ||
![1.png](../../images/network-security/http-mayhem/1.png) | ||
|
||
[open_netsec1.pcapng](../../files/open_netsec1.pcapng) | ||
|
||
## Solving | ||
|
||
เราเปิดมาพบ 2 stream ที่เป็น http | ||
|
||
![2.png](../../images/network-security/http-mayhem/2.png) | ||
|
||
มันคือ code python ที่เอาไว้ใช้ทำอะไรสักอย่าง | ||
|
||
![3.png](../../images/network-security/http-mayhem/3.png) | ||
|
||
รูป | ||
|
||
![4.png](../../images/network-security/http-mayhem/4.png) | ||
|
||
เราจึงลองเอารูปนั้นมาเปิดดู แต่ทำไมไม่มีอะไรเลย ? | ||
|
||
![5.png](../../images/network-security/http-mayhem/5.png) | ||
|
||
เราจึงกลับไปดูที่ code เราจึงเดาๆได้ว่า code นี้ใช้ในการซ่อนข้อมูลใน pixle bit สุดท้าย | ||
|
||
![6.png](../../images/network-security/http-mayhem/6.png) | ||
|
||
เราจึงเขียนแก้ code ให้ใช้เป็นการถอดรหัส | ||
|
||
## Result | ||
|
||
![7.png](../../images/network-security/http-mayhem/7.png) |
22 changes: 21 additions & 1 deletion
22
...-top-talent-2024-senior-qualifier/challenges/network-security/slient-whisper.md
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,3 +1,23 @@ | ||
# Silent Whisper | ||
|
||
## WIP | ||
![1.png](../../images/network-security/slient-whisper/1.png) | ||
|
||
[open_netsec2.pcapng](../../files/open_netsec2.pcapng) | ||
|
||
## Solving | ||
|
||
![2.png](../../images/network-security/slient-whisper/2.png) | ||
|
||
หน้าที่ของเราคือต้องมาหาว่า password ไหนที่ใช้เข้าสู่ระบบได้สำเร็จ | ||
|
||
![3.png](../../images/network-security/slient-whisper/3.png) | ||
|
||
เราจึงทดลองด้วย key word สักตัวเพื่อดูว่ามันจะมีคำไหนบ้าง ซึ่งดูเหมือนถ้า login สำเร็จจะมีคำนี้ | ||
|
||
![4.png](../../images/network-security/slient-whisper/4.png) | ||
|
||
เราจึงเอาคำนั้นไป filter ใน wireshark | ||
|
||
## Result | ||
|
||
![5.png](../../images/network-security/slient-whisper/5.png) |
Binary file added
BIN
+298 KB
...-top-talent-2024-senior-qualifier/images/network-security/encrypted-c2-v2/1.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+89 KB
...-top-talent-2024-senior-qualifier/images/network-security/encrypted-c2-v2/2.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+224 KB
...-top-talent-2024-senior-qualifier/images/network-security/encrypted-c2-v2/3.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+85 KB
...-top-talent-2024-senior-qualifier/images/network-security/encrypted-c2-v2/4.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+112 KB
...-top-talent-2024-senior-qualifier/images/network-security/encrypted-c2-v2/5.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+143 KB
...yber-top-talent-2024-senior-qualifier/images/network-security/http-mayhem/1.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+50 KB
...yber-top-talent-2024-senior-qualifier/images/network-security/http-mayhem/2.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+36.6 KB
...yber-top-talent-2024-senior-qualifier/images/network-security/http-mayhem/3.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+78.9 KB
...yber-top-talent-2024-senior-qualifier/images/network-security/http-mayhem/4.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+59.5 KB
...yber-top-talent-2024-senior-qualifier/images/network-security/http-mayhem/5.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+81.9 KB
...yber-top-talent-2024-senior-qualifier/images/network-security/http-mayhem/6.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+17.2 KB
...yber-top-talent-2024-senior-qualifier/images/network-security/http-mayhem/7.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+305 KB
...r-top-talent-2024-senior-qualifier/images/network-security/slient-whisper/1.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+38.1 KB
...r-top-talent-2024-senior-qualifier/images/network-security/slient-whisper/2.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+18.3 KB
...r-top-talent-2024-senior-qualifier/images/network-security/slient-whisper/3.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+11.8 KB
...r-top-talent-2024-senior-qualifier/images/network-security/slient-whisper/4.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
Binary file added
BIN
+37.3 KB
...r-top-talent-2024-senior-qualifier/images/network-security/slient-whisper/5.png
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.