Sunday, June 14, 2020

Hacker101 CTF: A little something to get you started

Hacker101 is one of the best when it comes to bug bounty. With the intent to brush up on my skills and become a good bug bounty hunter, I have started the Capture the Flag (CTF) from Hacker101. In its learning path, the very first challenge we get is:

  • A little something to get you started

When you click Go, you get to the following page

At first, it feels like there is nothing to do here. Trust me, I felt the same. There are no buttons to click and nothing to do. Just the text "Welcome to level 0. Enjoy your stay."


So, I began to play around, honestly! I started by manipulating the given URL, http://35.190.155.168/bf06d4167c, i.e. changing the bf06d4167c value to a random number, and then adding some stuff to the URL, such as bf06d4167c/abc. I know this was not a smart move. I just gave it a try.


Since nothing seemed to work, I then clicked on Developer Tools.

Even here, nothing is obvious at first look, so I played around some more. I saw background-image mentioned in the body section, but nothing can be seen there. So, I searched for background.png in the URL itself, as: http://35.190.155.168/bf06d4167c/background.png

Voila! There is the flag.
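The manual lookup above, generalized as an added example (not part of the original post): it lists every CSS `url()` reference in a page's markup, from `<style>` blocks and inline `style` attributes, and resolves each to the absolute URL a browser would request. The sample HTML, the host `ctf.example` and all function names are constructed for illustration.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urljoin

# Matches CSS url(...) with optional single or double quotes around the value.
CSS_URL = re.compile(r"""url\(\s*(['"]?)(.*?)\1\s*\)""", re.IGNORECASE)

class CssUrlCollector(HTMLParser):
    """Collects url() references from <style> blocks and style="" attributes."""
    def __init__(self):
        super().__init__()
        self.in_style = False
        self.refs = []  # list of (where found, raw reference)

    def handle_starttag(self, tag, attrs):
        if tag == "style":
            self.in_style = True
        for name, value in attrs:
            if name == "style" and value:
                self._scan(value, f"<{tag} style>")

    def handle_endtag(self, tag):
        if tag == "style":
            self.in_style = False

    def handle_data(self, data):
        if self.in_style:
            self._scan(data, "<style>")

    def _scan(self, css, where):
        self.refs += [(where, m.group(2)) for m in CSS_URL.finditer(css)]

def css_asset_urls(html, page_url):
    """Return (location, absolute URL) pairs for assets the CSS points at."""
    parser = CssUrlCollector()
    parser.feed(html)
    parser.close()
    # data: URIs are embedded content, not separate requests, so skip them.
    return [(w, urljoin(page_url, r)) for w, r in parser.refs
            if not r.lower().startswith("data:")]

# Constructed sample page, shaped like the one described in the post.
SAMPLE_HTML = """<html><head><style>
  body { background-image: url("background.png"); }
</style></head><body>
  <p>Welcome to level 0. Enjoy your stay.</p>
  <div style="background: url(img/tile.gif) repeat"></div>
</body></html>"""

if __name__ == "__main__":
    # The trailing slash matters: without it, relative paths resolve one level up.
    for where, url in css_asset_urls(SAMPLE_HTML, "http://ctf.example/level0/"):
        print(where, url)
```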



11 comments:

  9. Hey, that's not the end of the challenge. The flag is actually hex-encoded. Decoding it gives a binary file and I am trying hard to solve the binary file puzzle. If you think that the flag is the end of the CTF, then how do you get the point of solving that? Did you get the point?
