Metasploit Community CTF 2018 Writeup
This is a brief writeup of the CTF since I originally didn't intend on doing a writeup! There was limited time to capture writeup notes after the competition ended, so this is more of a writeup/brain dump.
November 30th, 2018 - December 3rd, 2018
Players / Teams
Max capacity: 1,000 teams - with any number of players using the team account
Each team is given a Kali instance to ssh into, and from there we could attack the two targets.
One target was an Ubuntu box which was running many Docker containers. It was possible to eventually break out of a container and get onto the Ubuntu host as you can see below:
The other target was a Windows box, where the only entry point was a Buffer Overflow exploit on port 4444. I did not get a shell here until after the competition was over, but captured as many files as I could in that time.
Flags came in the form of PNGs showing an image of a card, and to submit the flag we had to submit the MD5 sum of the image. Each of the cards had a nice description about how it's related to Metasploit, like card X is where our office is or card Y is our CEO, but that information disappeared once the CTF finished.
There were 15 flags in total. 9 flags were in Ubuntu, 5 in Windows, and 1 flag required files that lived in both boxes.
- 2 of Clubs (WMI)
- King of Diamonds (libssh)
- 2 of Diamonds (Vax)
- 6 of Hearts (Goliath - Metasploit data service)
- 10 of Hearts (Struts)
- Queen of Clubs (MIME)
- Ace of Diamonds (flag_finder_9000.exe)
- 10 of Diamonds (Heavily obfuscated EXE)
- 9 of Hearts (port 8777)
- Ace of Hearts (GPG)
- 3 of Clubs (Terms of Service)
- 5 of Spades (Msf module - port 9021)
- 3 of Diamonds (SQLi)
- 9 of Spades (encrypted flag)
My team came 19th.