Defense Evasion
2023
Squid Game CTF - Hc0n 2023
        
        
        
      
  
  
  ·3123 words·15 mins
  
  
  
secu
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
    
  
    Defense Evasion
  
  
  
  
  
  
  
  
  
  
  
  
    
  
    kraken
  
  
  
  
    
  
    webshell
  
  
  
  
    
  
    redteam
  
  
  
  
    
  
    ctf
  
  
  
  
  
  
      
        Squid Game is a CTF created for the congress: Hc0n 2023. It consists of three Boot2root style challenges through an initial web access. The objective of the challenges is: to perform a post-exploitation via webshell on restricted environments and to gain privileges. In this post, we will show the proposed solutions for these challenges.
      
      
    Kraken Fundamentals - II
        
        
        
      
  
  
  ·2834 words·14 mins
  
  
  
secu
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
    
  
    Persistence
  
  
  
  
    
  
    Defense Evasion
  
  
  
  
  
  
  
  
  
  
  
  
    
  
    kraken
  
  
  
  
    
  
    webshell
  
  
  
  
    
  
    redteam
  
  
  
  
  
  
      
        Two fundamental pieces of Kraken’s logic are the Modules and Agents. Through these components, you will understand how Kraken performs code execution and takes advantage of its design and architecture to provide the operator with some flexibility and comfort during the post-exploitation phase.
      
      
    Kraken Fundamentals - I
        
        
        
      
  
  
  ·1152 words·6 mins
  
  
  
secu
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
    
  
    Persistence
  
  
  
  
    
  
    Defense Evasion
  
  
  
  
  
  
  
  
  
  
  
  
    
  
    kraken
  
  
  
  
    
  
    webshell
  
  
  
  
    
  
    redteam
  
  
  
  
  
  
      
        Kraken is a tool for orchestrating webshells developed in PHP, Java and .NET. This is the first post of the Kraken Fundamentals series, where we will talk about how the tool is designed and how it works.
      
      
    