UPDATE: The source repository for all this code is hosted here: https://github.com/antitree/bsidesroc2017ctf Check out the previous 1, 2, 3 and 4 for the other CTF challenges. Rebound Attack I admit this was the most complex one, which is why it was worth 500. The idea is I want you to exploit yourself in very specific ways. This adapts a research project from years ago where I fingerprinted people based on the DNS requests they make.
Check out the previous 1, 2, and 3 for the other CTF challenges. Hop Till You Drop The original plan for this one was to show how you can set up an exit node to allow single-hop circuits – in other words, you don’t create a full 3-hop circuit on Tor but just use the exit node as the one and only proxy. This is normally banned unless you allow it both at the exit and on the client.
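As an added illustration (not configuration from the original post or the CTF repository), here are the two torrc fragments that opt in on each side, using the options Tor documented for this at the time. AllowSingleHopExits was deprecated in the 0.2.9 series and the three options were later removed, so this fragment assumes a Tor version that still accepts them; the relay nickname is made up.

```ini
## Added example: torrc settings for a one-hop "exit as proxy" circuit.
## Both sides have to opt in, otherwise the circuit is refused.

## --- exit relay side ---
Nickname           ctfexit          # hypothetical relay name
ExitRelay          1
AllowSingleHopExits 1               # default 0: refuse to be the only hop in a circuit

## --- client side ---
ExcludeSingleHopRelays 0            # default 1: never pick relays advertising AllowSingleHopExits
AllowSingleHopCircuits 1            # default 0: permit one-hop circuits built via the control port
```

Note that the client-side option only lifts the restriction; Tor does not choose a one-hop path on its own, so the circuit is built explicitly through the control port (an EXTENDCIRCUIT to the exit's fingerprint) and traffic is attached to it from there.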
This is a continuation of the previous posts talking about BSidesROC onion related CTF challenges. Port of Onion (PoO) I don’t think anyone got this one mostly because I think they were expecting that it was going to take too long. Here’s the clue:

Sail with me on a 3 hour cruise
A storm hits us hard but we must not lose
Take any port in a storm
Just to get some place warm
There's only one there; which do you choose?
This is a continuation of the previous post talking about BSidesROC onion related CTF challenges. Double Ontonion One team figured this one out. The point of this challenge is to exemplify a common problem with onion services. Basically, if you don’t configure the web server correctly, there are cases where an onion service might leak additional information about the host. For example, if you were hosting an onion web service on the same server as another web service, you could sometimes replace the Host header with something like “localhost” and have crushing results.
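To make the Host-header leak concrete, here is an added example (my own code, not from the original post or the challenge repository) that stands up two tiny in-process HTTP servers: one that routes unknown Host values to the first configured site, as a web server with a catch-all default vhost does, and one that refuses them. The `probe` function is the check a player would run against the onion service with `Host: localhost` and similar values; the onion and clearnet hostnames and the page bodies are made up.

```python
"""Probing an onion service for Host-header vhost leaks (added example)."""
import http.client
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer

ONION_HOST = "exampleonionaddress.onion"   # hypothetical onion service name
CLEARNET_HOST = "clearnet.example.com"     # hypothetical co-hosted clearnet site

# Constructed vhost table; insertion order mirrors server-block order in the
# web server config, so the clearnet site is the implicit default.
VHOSTS = {
    CLEARNET_HOST: b"welcome to clearnet.example.com (admin@clearnet.example.com)",
    ONION_HOST: b"onion site: nothing to see here",
}


def make_handler(strict):
    """Build a request handler; strict=False reproduces the misconfiguration."""

    class Handler(BaseHTTPRequestHandler):
        def log_message(self, *args):  # keep the demo quiet
            pass

        def do_GET(self):
            host = (self.headers.get("Host") or "").split(":")[0].lower()
            body = VHOSTS.get(host)
            if body is None:
                if strict:
                    # Hardened: an unrecognised Host gets an empty error, no site content.
                    self.send_response(421, "Misdirected Request")
                    self.send_header("Content-Length", "0")
                    self.end_headers()
                    return
                # Misconfigured: fall through to the first vhost (the clearnet one).
                body = next(iter(VHOSTS.values()))
            self.send_response(200)
            self.send_header("Content-Type", "text/plain")
            self.send_header("Content-Length", str(len(body)))
            self.end_headers()
            self.wfile.write(body)

    return Handler


def start_server(strict):
    """Start a server on a random loopback port in a background thread."""
    srv = HTTPServer(("127.0.0.1", 0), make_handler(strict))
    threading.Thread(target=srv.serve_forever, daemon=True).start()
    return srv


def probe(port, host_header):
    """GET / with an arbitrary Host header; return (status, body)."""
    conn = http.client.HTTPConnection("127.0.0.1", port, timeout=5)
    conn.putrequest("GET", "/", skip_host=True)  # we supply Host ourselves
    conn.putheader("Host", host_header)
    conn.endheaders()
    resp = conn.getresponse()
    body = resp.read().decode()
    conn.close()
    return resp.status, body


def host_leaks(port):
    """Return the Host values for which the server served non-onion content."""
    leaking = set()
    for candidate in ("localhost", "127.0.0.1", "example.invalid"):
        status, body = probe(port, candidate)
        if status == 200 and body != VHOSTS[ONION_HOST].decode():
            leaking.add(candidate)
    return leaking


if __name__ == "__main__":
    for strict in (False, True):
        srv = start_server(strict)
        print("strict" if strict else "lax", "->", host_leaks(srv.server_port))
        srv.shutdown()
```

Against a real target the same probe goes through the Tor SOCKS proxy to the .onion address; the leak shows up when a Host value that is not the onion name returns a page, a redirect or a certificate error that names the clearnet site. The fix on the server side is a dedicated default server block that returns an error for any unmatched Host, with the onion service matched only on its own name.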