CTF Writeups

CTF Writeup Aggregation Post!

Project URL: https://github.com/thebriandurham/CTFs

For as long as I'm doing CTFs, this project will be pinned. You can check out my writeups for CTFs at the URL above. Currently documented CTFs:

    • Hack the Box - Business CTF 2022
      • Breakout
        • Challenge: A C2 implant's interface was left exposed on a victim's webserver. Break into the interface and enumerate its functionality.
        • Compromised the C2 interface and extracted a non-native binary, 'bkd'.
        • Performed analysis on the binary and extracted the flag from multiple strings present in the compiled code.
      • Chromeminer
        • Challenge: A browser extension is believed to host cryptomining malware. Investigate.
        • Downloaded and unzipped the .crx (browser extension) file.
        • Reverse engineered heavily obfuscated malicious JavaScript code to retrieve the flag.
      • Lina's Invitation
        • Challenge: A CEO's password vault has been compromised after receiving an email with an attachment. Review the provided PCAP file and attachment to determine how he was compromised.
        • Unzipped the attachment (a .docx file), used the OLE Tools suite to analyze its contents, and discovered malicious VBA macros calling out to a fake Windows Update site and containing a part of the flag.
        • Analyzed the provided PCAP file and found two indicators of compromise: a malicious HTML payload and some obfuscated PowerShell commands.
        • De-obfuscated the malicious HTML payload to discover part of the flag.
        • De-obfuscated and reverse-engineered the PowerShell payload to reveal the final part of the flag.