MY INF0S3C JOURNEY 0F TWENTY NINETEEN
Hello everyone,
I hope you are doing great and pwning shells. Well, last year I did my Infosec journey review which you can find [Here]. There is nothing really fancy about my journey, I’m just writing it for my future self. 😜
If anyone here doesn’t know me, I am Spirited wolf and currently, I am pursuing my Bachelor’s degree. I used to play CTFs with my local team PwsecTeam and global ImperiumTeam.
Talking about 2019, it was a complete blast for me. I’ve learned so much not just about infosec related stuff but about life too.
“This life is too big to live, but too short to explore”.
This line just sums up everything I have in mind.
So, in 2019, I met some amazing people like @Nikhith_, @NinjaParanoid, and @_WarMarX_ (me and mai boiz). I went on a trip with these guys. I must say these three guys are doing really great, and @NinjaParanoid gave me some advice too, after which I tried to change myself (in a good way).
(WarMax (Image left) , ParanoidNinja (Center) , Nikhith (Image Right) , Me (Behind the camera taking picture of my boiz) )
This year, I traveled a lot, hopping from one city to another to prepare for international finals in Russia. Also, in this competition journey, I got the chance to play along with a great Reverse engineer and pwner @iamalsaher (BTW he is from Team @alcapwnctf who has some awesome people, they learn and pwn together.)
The one thing that I learned from Swapnil was to keep working. Whenever he gets a chance he keeps working on different challenges or reading articles/books and whatnot.
We played well in the finals too. We were competing against 13 countries. This competition was held in Russia. It lasted four days and each day we had to complete different tasks. There were challenges related to Forensics, Malware Analysis, Code review, etc.
- Day 1 : On day 1, there were tasks related to Forensics, Malware Analysis/incident response, Code review, etc. We completed 1 out of 2 forensic challenges, all code review and all malware analysis/incident response tasks. In malware analysis/incident response there was a task in which we not only had to find what attack was performed, but we had to fix the corrupted data too. The most interesting challenge in this category was a machine that was infected with a malware that displayed an image on the screen for 55 seconds every minute. So we only had those 5 seconds in which we had to find out what tasks were running. We saw that it automatically starts a service. We forcibly stopped the service and then we started looking at the registry, and we found that it was trying to run a “.exe” file every minute, which was linked to another “.bat” file. So, we had to find all the locations and delete everything related to this malware. It was a pretty fun task. I don't even remember the other things.
- Day 2 : We had to set up the Active Directory (Ahh talking about the AD, we will come to it later in this blog post) and harden it by applying different policies that the experts asked us to enforce. We also had to harden the CentOS and the switch / ASA Firewall. Apart from the hardening, we had to configure the services also, like HTTP with a self-signed SSL certificate, FTP, Router etc.
- Day 3 : It was the red team day. We had to exploit 3 machines and find the flags. It was one of the most interesting days. It was just like HTB or vulnhub.
- Day 4 : Day 4 was the Blue team day. The machines were under attack and we had to analyze the traffic and find the flags. It was a pretty great experience, as we had to configure the FortiGate firewall and Splunk to see more enriched logs.
We played well, and I made some awesome friends there: @8ayac, @ravernkoh, @ImStillDissin and @shift_crops, who is from the “Tokyo Westerns” team. There was the guy from Oops team also, but sadly I am not in touch with him. @8ayac had this cute little laptop,
Which weighed a few grams. It was so lightweight. I guess it is available only in Japan. But it was great, and he is a bug hunter, so if you have any query then just shoot him a PM :p haha. At the end of this amazing competition, @iamalsaher told me just one thing
“Instead of learning the technique, learn and try to understand computer science”
which I am looking forward to. 😼
Then after this competition, the organizers threw a party,
Then I came back to my university and played a couple more CTFs with my CTF team, PwsecTeam [Members: Me, @felli0t (He is a jack of all trades), @r0hanSH (Master of Reverse engineering / Forensics / Binary Exploitation, but on his way to master all the trades haha xD) and @sarc_astikk (Learner, but now he is good with web applications)]. These are some of the most amazing teammates that this team could ever have.
(Just one of the favourite places)
I am looking forward to playing more CTFs from now onwards with this team. Recently @r0hanSH and I got the chance to play the onsite DSCI CTF finals. We were doing great; half of the time we were leading the scoreboard too.
(Pwn++ is PwsecTeam)
But haha in the end we didn’t win, we came 5th. There were some nice challenges but they could have been better. I met the members of a growing CTF team @dc1ph3r: @MrT4ntr4 and @hak1mlukha. They are such amazing guys. Definitely join their team’s discord server.
Apart from that I again contributed to the community by writing various walkthroughs of the machines that I found great and interesting as always.
- https://www.peerlyst.com/posts/how-to-break-into-raven-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-raven-2-machine-a-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-four-and-six-2-machine-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-dummy-machine-as-a-wizard-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-nullbyte-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-matrix-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-fowsniff-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-dev-random-pipe-machine-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-kuya-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-unknowndevice64-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-dc1-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-r00tme-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-devlife-machine-as-a-wizard-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-pinky-s-palace-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-matrix-2-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-sickos-1-2-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-bot-challenges-dexter-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-dina-1-0-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-milnet-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-teuchter-0-3-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-imf-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-flick-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-dc-2-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-dc-3-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-dc-4-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-dc-5-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-dc-6-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-kfiofan-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-hackthebox-friendzone-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-sectalks-bne0x03-simple-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-rootthis-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-sp-jerome-v1-0-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-sunset-1-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-sunset-nightfall-machine-ctf-writeup-spirited-wolf
- https://www.peerlyst.com/posts/how-to-break-into-swagshop-hackthebox-machine-ctf-writeup-spirited-wolf
You can check all my walkthroughs from here: [TALE OF SPIRITED WOLF WALKTHROUGH]
If you are not into this HTB or vulnhub thing and want to read some CTF writeups then you must check @r0hanSH’s blog:- r0hansh.github.io or watch “John Hammond” or “LiveOverflow” YouTube channel videos.
Apart from that, I recently started solving hackthebox machines again and found them really difficult due to lack of practice. There was this machine named “Forest” which was completely new to me. Before it, I didn’t have much AD experience, but my teammate @r0hanSH helped me and I learned a lot.
Before this, I really didn’t know about the p******ge e********n through e*******e group and usage of i******t. Sorry for these “*” but the machine is not retired yet. So, I don’t want to give out any spoilers. If you are getting started into AD pentesting then you should follow @harmj0y’s and @ropnop’s research.
Also, I learned Python in this whole CTF journey. I tried to automate some stuff, and now I am learning different languages like Go for automating the stuff, Rust for the future self and C# for my “Game Designing Class”. I am still learning, so can’t say much about these but a good reference to learn these languages would be from these three awesome books.
Also @Nikhith_ told me to learn and clear the basics of C++, which I still have to do. Because he is the guy with a lot of information in his head. He is like my elder brother and he always supports me whatever I do (Hopefully).
Also if you are getting started then I would say you should read or at least check "The Web Application Hacker's Handbook".
Then after getting through this book, you can start practicing on PentesterLab.
I can guarantee you that you will definitely learn something new from these two resources.
Lastly, the only thing I wanted to say is
“GO AND START WORKING, DON’T THINK YOU CAN’T UNDERSTAND IT RIGHT NOW. IF YOU ARE MADLY IN LOVE, DON’T DISTRACT YOURSELF OVERTHINKING THAT SHE/HE IS CHEATING OR NOT RESPONDING. JUST STOP GIVING THESE TYPE OF EXCUSES. DON’T WASTE YOUR FUCKING TIME. IF YOU THINK YOU ARE NOT READY, YOU WILL NEVER BE READY. START TODAY. TODAY IS THE TIME, DON’T WASTE IT”.
I have learned these things from some awesome people like @Nikhith_ , @NinjaParanoid , @felli0t , @ahm3dsec, @r0hanSH , @trickster012 , @haxel0rd ,@hexachordanu and @iamalsaher.
[Ohh sorry I forgot to add, develop the report writing skills guys haha. You won’t regret it.]
I have also started looking for a job. If you are hiring or you know someone who is hiring then please let me know. My E-mail is: spiritedwolf@protonmail.com
Inspiration:-
These lines motivated me to work even harder on my dreams.
This was an amazing year. I cried for a girl, laughed with amazing people, had some bitter-sweet experiences. Hahaha also went to the police station (Not related to cybersecurity, just met with a road accident). Now I have no feelings. Life is too big and we have so much to learn, explore and accomplish. I am on my way. If you know me or like my work please subscribe to my channel && follow me on twitter.
See you all next year with new air, new life , new work , new things , new mindset , new tools, new knowledge and as a nice human. Till then, learn, pwn, eat, repeat. 😜
Thanks & Regards,
Spirited Wolf