CTF Challenge Samples - Edition 1 These cover somve of the CTF challenges I developed during my time operating under the ISSS organization at UT Austin. The OSINT challenges in particular, one of my main departments, will be mostly skipped for TOS concerns. Open-Source Intelligence (OSINT) Though I …

Cap (Easy) Box Cap is a retired easy box from HackTheBox. It provides a light introduction into IDOR and Linux capability exploitation. Initial Foothold Let’s start off with enumerating the ports. We can use nmap for this task. nmap <TARGET-IP> This gives us three open ports for numbers …

Shocker (Easy) Box The Shocker box is an easy machine on HTB. It explores web enumeration and the ShellShock exploit. Initial Foothold Let’s do an NMAP scan of the server: nmap <TARGET-IP> Port 80 and Port 2222 seem to be open. A service scan on both port shows us that port 2222 is …