BitWarriors Blog

Cyber Security Network / CTF Team

MapleCTF 2022 - Pickle Factory [Web]

28 August 2022

From JSON to pickle to SSTI

4 min read - lean  Read More about MapleCTF 2022 - Pickle Factory [Web]

WMCTF 2022 - nanoScore [Web]

25 August 2022

nanoScore web challenge writeup

1 min read - dhmosfunk  Read More about WMCTF 2022 - nanoScore [Web]

Bug Bounty Hunting Methodology

10 February 2022

theo0k's Bug Bounty Hunting Methodology

2 min read - theo0k  Read More about Bug Bounty Hunting Methodology

DiceCTF - knock-knock [Web]

6 February 2022

Writeup for DiceCTF knock-knock challenge

2 min read - dhmosfunk  Read More about DiceCTF - knock-knock [Web]

Handling Lockfile ransomware and detecting NTLM Relay Attacks

4 February 2022

The Ransomware TTP'S have evolved throughout the years. In this article, we're going to discuss the identification of several Attacks that have been detected to the known 'LockFile' Ransomware.

3 min read - fr0z830  Read More about Handling Lockfile ransomware and detecting NTLM Relay Attacks

Weak Service Permissions Abuse Methodology

1 February 2022

Abuse Windows service misconfigurations that allow an attacker to elevate their privileges.

1 min read - nickvourd  Read More about Weak Service Permissions Abuse Methodology

Weak Service Binary Permissions Abuse Methodology

1 February 2022

Abuse Windows service binary misconfigurations that allow an attacker to elevate their privileges.

1 min read - nickvourd  Read More about Weak Service Binary Permissions Abuse Methodology

Unquoted Service Path Abuse Methodology

27 January 2022

An unquoted service path is where the path to the service binary is not wrapped in quotes. When Windows attempts to read the path to this executable, it interprets the space as a terminator.

2 min read - nickvourd  Read More about Unquoted Service Path Abuse Methodology

RealWorldCTF - SVME [Pwn] (93 solves)

23 January 2022

Professor Terence Parr has taught us [how to build a virtual machine](https://www.slideshare.net/parrt/how-to-build-a-virtual-machine). Now it's time to break it!

6 min read - un1c0rn  Read More about RealWorldCTF - SVME [Pwn] (93 solves)

RealWorldCTF - Hack into Skynet [Web] (81 solves)

23 January 2022

Hack into skynet to save the world, which way do you prefer?

4 min read - c7c3r0  Read More about RealWorldCTF - Hack into Skynet [Web] (81 solves)