Inspiration
The challenge of trying to figure out how to break into a machine.
What it does
We have 3 machines that we have to break and capture two flags in each machine. One as a User and the other as a superuser.
How we built it
We went from port discovery to exploitation. Using tools such as NMAP, gobuster, evil-winrm ...
Challenges we ran into
The first machined, we had problems trying to encode the payload with the correct encoder. In the second machine, we had problems trying to scale privileges. Also, we had problems because we didn't use the proper tool for getting the usernames and apply the "Sprayer" method which would allow us to go to the next step, and we lost a lot of time finding them.
Accomplishments that we're proud of
We are one of the few teams that finished 2 out of 3 machines and also had almost half of the third machine done.
What we learned
We have learned new methods to attach virtual machine, new "protocols" to follow, new very helpful software programs which help us on privilege escalating.
What's next for CTF - Deloitte
By now we have learned, suffered, and enjoyed with this datathon. We'll be expecting to participate in future challenges.
Built With
- kali
- linux
Log in or sign up for Devpost to join the conversation.