Links people will need

Exif: http://exif.regex.info/exif.cgi Pigpen: https://www.boxentriq.com/code-breaking/pigpen-cipher

More advanced challenges

Steg: https://futureboy.us/stegano/decinput.html Piet: https://www.bertnase.de/npiet/npiet-execute.php

Post 1

Defaced internal website leads to the Crypto messages.

Clue 1 - Base64

Plain

I've been a member of the elite hacker group known as "batmen" for over 7 years, and I know a thing or two about hacking.

In the Crypto Post...

Clue

SSd2ZSBiZWVuIGEgbWVtYmVyIG9mIHRoZSBlbGl0ZSBoYWNrZXIgZ3JvdXAga25vd24gYXMgImJhdG1lbiIgZm9yIG92ZXIgNyB5ZWFycywgYW5kIEkga25vdyBhIHRoaW5nIG9yIHR3byBhYm91dCBoYWNraW5nLiA=

Clue 2 - Rot13

Plain

Attack log: successful use of "venn_diagrams" remote access and rootkit suite

In the Database Post

Clue

Nggnpx ybt: fhpprffshy hfr bs "iraa_qvntenzf" erzbgr npprff naq ebbgxvg fhvgr

Clue 3 - Pig pen

In the Phishing Net Post.....

Plain

hardsell trojan deployed successful injection hardsell backdoor initiated

Clue

Clue 4 - Bacon

Plain

Last log-in from one two eight dot one two eight dot zero dot six

Clue

01010 00000 10001 10010 01010 01101 00110 01000 01100 00101 10000 01101 01011 01101 01100 00100 10010 10100 01101 00100 01000 00110 00111 10010 00011 01101 10010 01101 01100 00100 10010 10100 01101 00100 01000 00110 00111 10010 00011 01101 10010 10111 00100 10000 01101 00011 01101 10010 10001 01000 10101

Extra hard stuff

flag:colourbynumbers

Post 2

Exif data

Three images in the folder

window.jpg has a png hidden inside, can be decoded with the online steg decoder above

flag:hiddeninplainsight

Post 3

Known affiliation leads them to the hacker org website

Secret dir from logs available... also basicauth creds

Message on the forum claiming the recent attack against X was done by the Coventry contingent

(Extra challenge: web stuff, SQL injection, XSS?)

Possible Web Challenge. FLATCORE CMS.... It’s a cool hack (and via user agent)

Webinar

People will know:

What has happened

The last few potential hackers

Captured phone: screenshot showing they use the "hardsell" exploit

Only one last person...

IOC/guesswhom

About

Resources

Stars

Watchers

Forks

Releases

Contributors 2

Languages