metasploit-ctf - Alex B. (r1p) blog

2020 Metasploit Community CTF – Queen of Spades (port 8202) [Web]

Port 8202 hosts a web application with a single login form. Trying to login with random credentials, we observed that it calls a GraphQL API to authenticate against the remote server. With the following payload we can dump the database schema and take a look at it: {__schema{types{name,

writeup

2020 Metasploit Community CTF – 8 of Spades (port 1080) [Networks]

Port 1080 shows a SOCKS 5 service running. We tried establishing a connection through this service, but upon failure we thought it was a false positive brought by the default nmap scripts, so we configured a proxychains route using SOCKS 4. Scanning the network with the socks proxy already set,

writeup

2020 Metasploit Community CTF - 9 of Clubs (port 1337) [PWN]

Port 1337 hosts a TCP service that prompts the user to choose one of several options, and later takes some text input. After trying several techniques, we discovered that it had a format string vulnerability When sending a random string over the second option (2. Greetings), the server replies with