Cyber Blog​

The attached PCAP belongs to an Exploitation Kit infection. Analyze it using your favorite tool and answer the challenge questions....

Work flow Summary Another easy machine that required several twists and turn along the way to root. Starting off with a narrow attack...

Scenario: An accountant at your organization received an email regarding an invoice with a download link. Suspicious network traffic was obs

Docker, API, CVE, RCE, Golang, Source Code Review, Git abuse, LFI, cmd injection.

SCP File injection, MITM - Responder, NTLM, evil-winrm, printer nightmare.

Linux, CMS Exploit, Strapi, Laravel, Outdated Software, CVE, Injection, RCE, Account Misconfiguration, Port forwarding (ssh),

Printer nightmare exploitation by hand!

All about assembly language!

De-serialization vulnerability, and eval statement abuse.

Objective Challenge This is a super cool challenge where we have to talk to Chimney Scissorsticks in the netwars area for our Objective 6...

Objective Challenge This was a neat challenge that taught us about the rubber ducky USB device. The work flow for this challenge is to...

SQL Injection, Hydra SSH BF, Post fix disclaimer, Cron - apt.confd

Objective Challenge In this challenge, we are tasked with a terminal challenge in order to receive hints for Objective 5. This challenge...

Engagement flow Summary This was a really cool machine that started off with web enumeration, leading to a login bypass in which we had...

Objective Challenge In this challenge we are tasked with taking our total coin count above 1000 and this will result in Jack Frosts...

Objective Challenge In this challenge, we are tasked with solving a fun bit wise operator challenge, in order to receive the hint, and...

Greasy GopherGuts needs our help with grepping through some nmap results and invites us to activate the terminal. 1. What port does...

Objective Challenge This is really cool challenge that we never expected. I recall in previous KringleCon challenges we were also...

Objective Challenge This challenge is pretty straight forwards and just invites us to look around the castle and get familiar with lay of...

Objective Challenge We speak with Piney Sappington to kick things off as the pre-curser to objective 2. He goes on to explain that our...

Welcome to the SANS Kringlecon 2021 holiday hack challenge. We start off here in a little courtyard outside of KringleCon where we are...

This challenge deals with content discover, auth bypass, dirbusting.

Working with cookie manipulation, encoding and formatting.

This task deals with IDOR vulnerabilities.