CTF

Computer Forensics for File Recovery https://edgy.app/wp-content/uploads/2018/04/dataleakhackerGorodenkoff-970x546.jpg Introduction When a file is “deleted”, its contents aren’t typically erased from the storage device that it was stored on. More often than not, the blocks that stored the file are marked as unallocated and the filesystem pointers are removed from it. The implication is that the file still exists on the disk until it is overwritten. There are many methods to recovering the raw, unallocated data....

https://images.pexels.com/photos/3760778/pexels-photo-3760778.jpeg?auto=compress&cs=tinysrgb&w=1260&h=750&dpr=1 If you’re anything like me, you discovered Impacket, either through a course, Ippsec, or your own research, and you look at the scripts. Your grin turns into horror as you realize the sheer amount of scripts that end with “exec”. They all give you remote access but when do you use which one!? Don’t worry, I have your back. Let’s break them down. PsExec PsExec works by writing a randomly-named binary to the ADMIN$ SMB share (hence why you require write access to that share in order to use it)....

Introduction Hey everyone! This is a write-up of how I was able to pwn the Mustacchio machine. I hope you enjoy! Notes: This was done on a Kali Linux machine so the commands might be slightly different if you are on Windows Enumeration To begin, I scanned for open ports using RustScan. RustScan, for those who have never heard of it, is essentially a much faster version of Nmap. You can use Nmap if you prefer....