Hint: DNS lookup
Let's see what happens with the input 127.0.0.1.
It behaves like the Linux dig command: http://en.wikipedia.org/wiki/Dig_%28command%29
Check for command injection using the input 127.0.0.1;ls -al
Check for command injection using the input 127.0.0.1;cat .hey
I found this string in .hey:
Miux+mT6Kkcx+IhyMjTFnxT6KjAa+i6ZLibC
The format of this message looks like a variant of the Base64 encoding system.
Let's check decoding using:
atom128 megan35 zong22 hazz15 base
Online tools: http://crypo.in.ua/tools/
Flag: infosec_flagis_rceatomized
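How a lookup form like this one can be written so that the ; payloads above are rejected, as an added example that is not part of the original post or the challenge's code. It assumes a Python handler that runs dig; the function names validate_target, build_dig_argv and lookup are hypothetical.

```python
import ipaddress
import re
import subprocess

# One DNS label: letters, digits and hyphens, no leading or trailing hyphen.
_LABEL = re.compile(r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)")


def validate_target(value: str) -> str:
    """Return the target if it is an IP address or hostname, else raise ValueError."""
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        addr = None
    # Refuse IPv6 scope ids ("%..."), which may carry arbitrary characters.
    if addr is not None and "%" not in value:
        return str(addr)
    name = value[:-1] if value.endswith(".") else value
    labels = name.split(".")
    if not name or len(name) > 253 or not all(_LABEL.fullmatch(l) for l in labels):
        raise ValueError(f"not an IP address or hostname: {value!r}")
    return name


def build_dig_argv(value: str) -> list[str]:
    """Build the argument vector for dig from untrusted form input.

    The validated target can no longer start with "-", "+" or "@", which dig
    would read as an option, a query option or a server, and it cannot contain
    shell metacharacters such as ";".
    """
    return ["dig", validate_target(value)]


def lookup(value: str) -> str:
    # An argument list with no shell: the input is never parsed as a command
    # line, so even a validation gap cannot turn into command execution.
    result = subprocess.run(
        build_dig_argv(value),
        capture_output=True,
        text=True,
        timeout=10,
        check=False,
    )
    return result.stdout
```

The two controls are independent: the allow-list keeps hostile strings away from dig, and the shell-free call removes the command separator's meaning altogether.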