The challenge description was: (y) 10.13.37.13 Visiting the link we are greeted with Mr. Mittens website: After checking the contact page we can see in the url that there is a LFI vulnerability where we can successfully load the content of files hosted on the server. http://10.13.37.13/?page=contact.html Still, while it's quite a big issue we can't do much from there. After checking the source..[read more]
My name is Themistokle Benetatos and I enjoy programming and creating computer graphics.
I am also the co-founder of Monologue, a motion design studio based in Athens.
Latest blog posts
The challenge description was: That fucking manager got smarter. He moved to house number 22, but we got this: fuckmanagers.pcap First thing to do was visit the new manager's "house" at 10.13.37.22, we are greeted with a login form and there isn't anything really interesting to get from here. While checking the source of the page we can see at the bottom..[read more]
The challenge description was: My manager lives at 10.13.37.21. Any guest is always welcome. But he has a secret. Can you find it out? After visiting the page at 10.13.37.21 we are greeted with a login form: We can't do much from here, only thing we notice is the password is accepted when 16 characters long. If smaller it says the password..[read more]
The challenge description was: Find flag in [this] file: Let's see what we have here: mrt:~/asis/tictac$ file tictac_4c56077190984fde63900b3ba14d11dd tictac_4c56077190984fde63900b3ba14d11dd: XZ compressed data mrt:~/asis/tictac$ cp tictac_4c56077190984fde63900b3ba14d11dd tictac.xz mrt:~/asis/tictac$ unxz tictac.xz mrt:~/asis/tictac$ file tictac tictac: pcap-ng capture file - version 1.0 The pcap-ng file format is a new pcap format, we can open it with Wireshark 1.99 (dev release) and this time no patching like in the capsule challenge: We have..[read more]