ForoCIBER 2018 was an interesting conference about technological law and IT security where speakers like Eloy Velasco and Enrique Ávila spoke about cybersecurity. However, this year, ForoCIBER came with a CyberSecurity Challenge as well, where young people under 35 years old with knowledge of reverse engineering, exploiting, forensics, hacking, cryptography and steganography could participate to show their technical skills and win an award. Therefore, I took the plunge to solve these CyberSecurity Challenges.
The first challenge was about hacking, where I had to find a word hidden on a server. I only had the public IP address of the server, but after scanning and testing with Nmap and Telnet I soon knew that remote services like SSH and MySQL were published to the Internet. A vulnerability assessment was the second thing I launched, to know whether the remote services had some important issue to exploit. I also launched Armitage to exploit the remote services but I got nothing. Finally, it was easier than all of this, because the administrator credentials for the MySQL database, where the magic word was hidden, were the default ones.
The second challenge was about hacking, cryptography and exploiting, where I had to steal a database from a webpage to learn the credentials of a WebShell and then decrypt the magic words. Stealing the database wasn't difficult because it was vulnerable to an SQLi attack. However, the credentials of the WebShell were encrypted. I was thinking about the encryption algorithm for hours till I realised the letters were rotated 14 letters to the left. Once I knew the encryption algorithm, it was easy to log in to the WebShell and find the magic words.
The third challenge was about forensics, where the challenger gave us a tar.gz file for Capture The Flag (CTF). The tar.gz file contained a text file with hashing information and another file, in fact a RAW image, which was split into many small files of 100 bytes. Next, I put all the files together with the Windows type command, although cat or affuse could have been used as well. The RAW image contained three pictures and two password-protected zip files, which I cracked with the fcrackzip tool. Digging into the decompressed files, I found a picture file with the flag hidden in the metadata.
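The reassembly step above, sketched as an added example that is not part of the original write-up: it joins 100-byte chunks in numeric order and checks the rebuilt image against the recorded digest before any analysis starts. The chunk naming (`image.raw.N`) and the use of SHA-256 are assumptions, since the post names neither; the sample data is constructed.

```python
import hashlib
import re
import tempfile
from pathlib import Path

CHUNK_SIZE = 100  # chunk size given in the post

def natural_key(path):
    # Compare digit runs as numbers so "image.raw.2" sorts before "image.raw.10".
    return [int(t) if t.isdigit() else t for t in re.split(r"(\d+)", path.name)]

def reassemble(chunk_dir, out_path, expected_sha256, pattern="image.raw.*"):
    """Join chunks in numeric order, then verify the digest of the result."""
    chunks = sorted(Path(chunk_dir).glob(pattern), key=natural_key)
    if not chunks:
        raise FileNotFoundError(f"no chunks matching {pattern!r}")
    digest = hashlib.sha256()  # assumed algorithm; use the one the hash file names
    with open(out_path, "wb") as out:
        for chunk in chunks:
            data = chunk.read_bytes()
            # Only the final chunk may be shorter than CHUNK_SIZE.
            if chunk is not chunks[-1] and len(data) != CHUNK_SIZE:
                raise ValueError(f"{chunk.name}: {len(data)} bytes, expected {CHUNK_SIZE}")
            digest.update(data)
            out.write(data)
    if digest.hexdigest() != expected_sha256.strip().lower():
        raise ValueError("digest mismatch: chunk missing, altered or out of order")
    return len(chunks)

def demo():
    """Constructed sample: 1280 bytes split into 13 chunks, then rebuilt."""
    original = bytes(range(256)) * 5
    expected = hashlib.sha256(original).hexdigest()
    with tempfile.TemporaryDirectory() as tmp:
        tmp = Path(tmp)
        for n, off in enumerate(range(0, len(original), CHUNK_SIZE), start=1):
            (tmp / f"image.raw.{n}").write_bytes(original[off:off + CHUNK_SIZE])
        out = tmp / "rebuilt.raw"
        count = reassemble(tmp, out, expected)
        # Plain lexicographic order (as a shell wildcard typically gives) misorders chunks.
        naive = b"".join(p.read_bytes() for p in sorted(tmp.glob("image.raw.*")))
        return count, out.read_bytes() == original, naive == original

if __name__ == "__main__":
    print(demo())
```

With unpadded chunk numbers, a wildcard concatenation places chunk 10 before chunk 2, and the digest check is what exposes that.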
The last challenge was about steganography and forensics, where I had to find the magic word using an IMG image. First, I mounted the image, which contained tools like HxD, Recuva and JPHS, and an empty folder called "Imagenes". Next, I used FTK Imager and Autopsy to search for deleted files, among which there were a stegocontainer and a link to download the password for accessing the stegocontainer. However, the password was a picture, but thanks to the picture name and the HxD tool, I got the real password to get into the stegocontainer and read the magic word.
It took me nearly 28 hours to solve these challenges, which was amazing because I was thinking about the challenges all day to find tips and steps. In the end, I got the second award, which was an iPad. Thank you. Thanks to the University of Extremadura and Viewnext for this interesting initiative about CyberSecurity.
[Image: CyberSecurity Challenge Awards]
Best regards, my friends. I've requested to be a challenger next year. We'll see. Thanks.