Grimmy081/WHITEHATCREW-CFT.


WHITEHATCREW-CFT POC.

My first github repo.

Just me reading and all new to IT

  1. Tutorial

A--[TUTORIAL] Simple Mathematic

Your answer must be wrapped in 'WHC{ number }' or 'WHC{ text }'. For the question below, you can submit it as a number, for example:

Question: 8+2 Answer: 10 You should submit: WHC{10}

Let's try, state the sum for the question below:

15+30

Answer:

  1. print(15+30)
  2. Run output : 45
  3. WHC{45}

B--[TUTORIAL] Simple OSINT

Your answer must be wrapped in 'WHC{ number }' or 'WHC{ text }'.

Example: Which hacker can you contact on the dragonforce forum if there is any problem? WHC{nanovim}

Let's try, a question for you: State the admin who organized this CTF (case sensitive)

Answer:

  1. search 'https://dragonforce.io/threads/whitehat-crew-selection-open-now.9011/#post-97048'
  2. owner thread : DirbusterX
  3. WHC{DirbusterX}

C--Tutorial

We do this for fun but yet for a serious matter. Please don't bruteforce the flag or try to pentest the site. No DDOS to the site please.

Send me " WHC{I_Agree_To_The_Terms} " in the Flag Box below.

Answer:

  1. WHC{I_Agree_To_The_Terms} (just copy-paste)

  1. Darkweb

A--TorPaste

We found a dangerous information on the Darknet. Can you please try to obtain the info?

http://torpastezr7464pevuvdjisbvaf4yqi4n7sgz7lkwgqwxznwy5duj4ad.onion/aRr1wftJbeX7cMjQ/

THIS ROOM IS PURELY OPTIONAL IF YOU ARE NOT COMFORTABLE GOING INTO DARK WEB. PLEASE USE VPN + TOR UPON VISITING THE SITE

Answer:

  1. Open tor browser (I use a phone app " https://imgur.com/a/0EnSzTb ")
  2. Copy paste the link "http://torpastezr7464pevuvdjisbvaf4yqi4n7sgz7lkwgqwxznwy5duj4ad.onion/aRr1wftJbeX7cMjQ/"
  3. There will be a flag on screen " WHC{D4RK_W3B_B3G1NN3R} " (sorry, it doesn't allow screenshots)

  1. Forensic

A--Beginner Forensics

Download Wireshark to analyze .pcap file

Download the Sample File and Open it with Wireshark

There is supposed to be less than 10 items. Click on everything and find a human readable text.

What does the text say, and what is the item number of the text? How many rows of the "No." column

Flag Format i.e : WHC{36:Hello it's me}

ps: to make it easier, right-click on any item and click Follow > TCP Stream

Answer:

  1. Download the "set1.pcap" file (I looked up .pcap files on Google; it captures something like a listing of packet data, so now I know it is like a log.)
  2. Run it in a log viewer app ( https://imgur.com/a/Fp8sBob )
  3. The flag is there (because only one line has a complete sentence)
  4. WHC{5:What, me worry} (had to retype it 2-3 times) -_-
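
What "click on everything and find a human readable text" amounts to, as an added Python example that is not part of the original writeup: walk a classic pcap, pull out each TCP payload, and report the Wireshark "No." of any payload made only of printable ASCII. The capture is constructed inline (it is not the challenge's set1.pcap), and `build_pcap`, `readable_payloads` and `SAMPLE` are hypothetical names.

```python
import struct

def build_pcap(payloads):
    """Constructed sample: classic little-endian pcap, one Ethernet/IPv4/TCP frame per payload."""
    out = struct.pack("<IHHiIII", 0xA1B2C3D4, 2, 4, 0, 0, 65535, 1)  # link type 1 = Ethernet
    for i, data in enumerate(payloads):
        eth = b"\x00" * 12 + b"\x08\x00"                               # EtherType IPv4
        ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40 + len(data), i, 0, 64, 6, 0,
                         bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))   # protocol 6 = TCP
        tcp = struct.pack("!HHIIBBHHH", 40000, 80, i, 0, 0x50, 0x18, 1024, 0, 0)
        frame = eth + ip + tcp + data
        out += struct.pack("<IIII", i, 0, len(frame), len(frame)) + frame
    return out

def readable_payloads(pcap, min_len=6):
    """Return [(packet_no, text)] for TCP payloads made only of printable ASCII."""
    if len(pcap) < 24 or struct.unpack_from("<I", pcap)[0] != 0xA1B2C3D4:
        raise ValueError("only classic little-endian pcap is handled here")
    hits, off, no = [], 24, 0
    while off + 16 <= len(pcap):
        incl_len = struct.unpack_from("<I", pcap, off + 8)[0]   # captured length
        frame = pcap[off + 16: off + 16 + incl_len]
        off += 16 + incl_len
        no += 1                                                  # Wireshark "No." is 1-based
        if len(frame) < 54 or frame[12:14] != b"\x08\x00" or frame[23] != 6:
            continue                                             # not Ethernet/IPv4/TCP
        tcp_off = 14 + (frame[14] & 0x0F) * 4                    # skip IP header (IHL)
        if len(frame) < tcp_off + 20:
            continue
        data_off = tcp_off + (frame[tcp_off + 12] >> 4) * 4      # skip TCP header
        ip_end = 14 + struct.unpack_from("!H", frame, 16)[0]     # drops Ethernet padding
        payload = frame[data_off:ip_end]
        if len(payload) >= min_len and all(32 <= b < 127 for b in payload):
            hits.append((no, payload.decode("ascii")))
    return hits

# Constructed capture: empty segments, one binary payload, one text payload.
SAMPLE = build_pcap([b"", b"", b"\x00\x01\xff\x80binary", b"constructed sample text", b""])

if __name__ == "__main__":
    for no, text in readable_payloads(SAMPLE):
        print(f"{no}:{text}")
```
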

B--topiputih

What is the meaning of "topi putih" (white hat)?

Pass : WHITEHATCREW

Answer: metadata from picture

  1. Download file and use 7z zipper to extract file(phone)
  2. https://imgur.com/a/c8tLju3 ( extracted data)
  3. Open browser go to " https://www.metadata2go.com/ "
  4. Open the picture from your folder.
  5. Found flag at creator name " https://imgur.com/a/0eLdj8c "

C--A walk in the park

Classical! Easy just like a walk in the park.

Answer: tbh i forget how but i remembered " 0x0000 list"

  1. Download the file and extract using zipper
  2. Got the picture
  3. Trial and error on everything, from metadata to string overflow
  4. The flag should be in line with "0x0000xxx"

  1. Malware

A--Malware A - 1

A "not-so-good" developer brought aboard disaster to a common programming language and you guessed it, someone exploited it to create malware.

What is the file SHA256 hash? WHC{SHA256}

Answer:

  1. Download the file and extract them
  2. Open totalvirus and drop the file there to analyze
  3. https://imgur.com/a/IZ6HDym
  4. Flag " WHC{ba47f657a4745c96a62c444100d6c38bbff772b47ac03e83dc3ef5d94bc1d77c} "

B--Malware A - 2

What is the threat name, hosts and classification?

Format : WHC{threat name|hosts|classification}

Answer:

  1. search Data SHA256 from test Mal-A1.
  2. Found https://www.joesandbox.com/analysis/450613/0/html
  3. Threat name and classification data obtained here https://imgur.com/a/zfBpyyW
  4. Host data found here https://imgur.com/a/vCC69ym

C--Malware A - 3

What is the Static File Name? Format: WHC{name.exe}

Answer:

  1. Data found from here https://www.joesandbox.com/analysis/450613/0/html

D--Adventure Time 100 This is the only non-Dynamic Challenge

Sometimes all you need is a good short break of thrilling adventure.. or is it?

Read Carefully

Answer:

  1. Download the file and extract
  2. Look inside 😂 there are a lot of files, so go back to the hint
  3. https://imgur.com/a/lMTCWmm
  4. Trial and error again: run Adventure Time.bat in notepad
  5. Found the flag WHC{} here https://imgur.com/a/VwXsJyh

  1. Cryptography

A--Beginner Cryptography 10

Decode this base64:

YmFzZTY0X2lzX292ZXJyYXRlZA==

Enwrap it in WHC{} like this:-

WHC{your_decoded_text_here}

Answer:

  1. Open a browser or a cryptography tool; here I use the web tool https://amp.base64decode.org/
  2. Copy paste the " YmFzZTY0X2lzX292ZXJyYXRlZA==" and run
  3. Result https://imgur.com/a/pZaCyAN
  4. Wrap them up with WHC{RESULT}

B--anencephaly

What is this pokemon?

Answer:

  1. Download file and extract
  2. Run the " anencephaly" file as doc ( use CODE pad)
  3. Result https://imgur.com/a/JTy0yxf
  4. Run the thingy 😂 and we got some >+- symbols.....
  5. Copy those signs and search on the web. Result : brainfuck coding
  6. Run that BF code in https://imgur.com/a/4vceJ90
  7. Take the result and run it back through a base64 encoder
  8. The flag is the result https://imgur.com/a/HzUNVsx
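
The two layers in this answer (Brainfuck, then base64) can be peeled offline instead of pasting an unknown file into web tools. The following is an added Python example, not part of the original writeup: a small Brainfuck interpreter with a step cap, followed by a base64 decode, which is what the base64 step above is assumed to mean. The program it runs is a constructed sample generated by the hypothetical helper `to_bf`, not the challenge file.

```python
import base64

def run_bf(code, max_steps=1_000_000):
    """Interpret Brainfuck (no ',' input) and return its output bytes."""
    jump, stack = {}, []
    for i, c in enumerate(code):            # pre-match brackets
        if c == "[":
            stack.append(i)
        elif c == "]":
            if not stack:
                raise ValueError("unmatched ]")
            j = stack.pop()
            jump[i], jump[j] = j, i
    if stack:
        raise ValueError("unmatched [")
    tape, ptr, pc, out = [0] * 30000, 0, 0, bytearray()
    for _ in range(max_steps):              # step cap: untrusted code may never halt
        if pc >= len(code):
            return bytes(out)
        c = code[pc]
        if c == ">":
            ptr = (ptr + 1) % len(tape)
        elif c == "<":
            ptr = (ptr - 1) % len(tape)
        elif c == "+":
            tape[ptr] = (tape[ptr] + 1) % 256
        elif c == "-":
            tape[ptr] = (tape[ptr] - 1) % 256
        elif c == ".":
            out.append(tape[ptr])
        elif (c == "[" and tape[ptr] == 0) or (c == "]" and tape[ptr] != 0):
            pc = jump[pc]                   # jump to the matching bracket
        pc += 1                             # other characters are comments
    raise RuntimeError("step limit reached")

def to_bf(data):
    """Helper for the constructed sample only: emit each byte, then clear the cell."""
    return "".join("+" * b + ".[-]" for b in data)

def decode_layers(code):
    """Brainfuck output -> base64 decode -> text."""
    return base64.b64decode(run_bf(code), validate=True).decode("ascii")

# Constructed sample, not the challenge file.
SAMPLE_BF = to_bf(base64.b64encode(b"WHC{constructed_sample}"))

if __name__ == "__main__":
    print(decode_layers(SAMPLE_BF))
```
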

C--botak

An old uncle, so tired of trying to get his password, came to you; he forgot his password. Can you try to brute force his password back?

Answer:

  1. Download the file and extract
  2. Open the file as doc in notepad or code pad
  3. https://imgur.com/a/c0OOVQJ read with care.
  4. Found something strange. Copypaste them and run at decode.fr
  5. https://imgur.com/a/FbzEvJD
  6. Remember the word "penat"
  7. The result is the flag

Thanks, that's all from me

Grimmy081
