Deagler's 4n6 Blog

After two weeks of challenging questions, week 7's Magnet Weekly CTF challenge is much more relenting and gentle than before. Despite the challenge was created as a three-parter, all the answers could be found from one single file. So this week's challenge questions are: What is the IP address of the HDFS primary node? Is the IP address on HDFS-Primary dynamically or statically assigned? What is the interface name for the primary HDFS node? In order to locate the answers to these questions, the /etc/network/interfaces file from the HDFS primary node should be looked at: And boom, all the answers could be found here!  What is the IP address of the HDFS primary node? ( 192.168.2.100 ) Is the IP address on HDFS-Primary dynamically or statically assigned? ( static ) What is the interface name for the primary HDFS node? ( ens33 ) Case closed for this week.

Here comes the week 6 challenge of the Magnet Weekly CTF challenge. For the first time, the challenge was divided into a two-parter. Participants would need to solve the 1st part of the challenge in order to view and solve the 2nd. The 1st part was relatively easy, as a gentle warm-up to the 2nd part. Part I The 1st part of the challenge asked the following: Because the flag was a numerical error code attributed to a failed Hadoop dependency installation, the first thing to check had to be the Linux package manager logs. Since " apt " package manager was used on all nodes, the directory " /var/log/apt " on both HDFS secondary nodes should be inspected carefully: From the contents of " history.log " file, there were errors occurred during the installation of Oracle Java 7 and 8 packages and the " dpkg " subprocess returned a "1" error code.  So the answer to part 1 challenge should be "1" and sadly it was not the correct answer

Another week (and month) has gone and the Magnet Weekly CTF Challenge has entered week 5. As announced by the CTF organisers, Linux images prepared by Prof. Ali Hadi would be used for November's CTF challenges and they could be downloaded from here . The first November challenge question is not a long one, yet still an interesting one: It is worth mentioning that the Linux images (3 in total, 1 HDFS primary and 2 HDFS secondary nodes) came from a "Hadoop Distributed File System" (HDFS) environment. Since the phrase  "Had-A-Loop" rhymes with "Hadoop", it would be a no-brainer to look at the HDFS first.  Diving into the HDFS Storage The HDFS primary node image was examined first. The Hadoop was installed under " /usr/local/hadoop/ " directory and the HDFS data storage location was designated by the directory value in " dfs.datanode.data.dir " property in a  " hdfs-site.xml ", which could be found in the  " /usr/local/h

This week's Magnet Weekly CTF Challenge is: First things first, I did not crack this week's challenge with the given 3 attempts. Stupid decisions were made in a rush, which resulted in barking up the wrong tree.  Thankfully, I came to my senses and eventually worked out the correct answer. Let's start with the correct solution and walkthrough first. The Correct Way According to the mighty Google, "Animals That Never Forget" refers to Elephants🐘 .  A well-known notes app with an Elephant logo immediately came across my mind. Evernote app was installed the provided Android device. Chester's Phishing Expedition template could be found in the "content.enml" under the "/data/data/com.evernote/files/user-213777210/notes/c80/c80ab339-7bec-4b33-8537-4f5a5bd3dd25" directory, At this moment, it looked like the answer should be " c80ab339-7bec-4b33-8537-4f5a5bd3dd25", right? Do not forget the challenge specifically asked for "the orig