Skip to content

Latest commit

 

History

History

0x0A Cuzco's Great Adventure Flag

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
 
 
 
 

0x0A Cuzco's Great Adventure Flag

20pts

Category

Web

Briefing

Now that you’ve helped her open and view the file, Cuzco knows two things. One, the file creator should work on password complexity. Two, before visiting the website on the flyer, she should investigate it using some threat hunter sites. Investigate the site with the following tools:

Use https://www.whois.com/ or the whois command on the command line

URLscanner https://urlscan.io/ make sure it is a private scan

Pulsedive at https://pulsedive.com/ and complete a passive scan of the site

Based on your research, what year was this site first registered?

Also, what level of risk would Cuzco be taking on if she were to visit the site?

Flag format FLAG{YEAR___***}

Cuzco had traveled far, met new friends, worked on balance, gained new knowledge, and gained 10 flags - effectively working on 10x her skills. She knew that eventually, she’d need to go back 127.0.0.1 (an IP address for localhost usually meaning you are home), and she had gained so much on her quest.

She decided to review a few resources to make her trip home a learning experience and have some balance too:

https://www.sans.org/blog/dont-miss-these-top-rated-sans-summit-replays/

https://www.sans.org/blog/visual-summary-of-sans-new-to-cyber-summit/

https://wakelet.com/wake/ZoDim7iESNHwLFr4DJeOC

And because balance:

https://youtu.be/VZrDxD0Za9I?list=PLu4wnki9NI_8VmJ7Qz_byhKwCquXcy6u9

https://youtu.be/f0RQ5C7g_tA?list=PLnzLfzo-SovQvT8zbcBdkeNkwZ38f2SAM

She safely made it back to her 127.0.0.1, and once she arrived, she found that her home was more open than she remembered. There was more community surrounding it than she thought. She just had to look out the window and remember she’d had her adventure, there was help to be found, and she was part of this community - she belonged! Remember you belong here and are part of our community too.

Solution

Using the provided website Pulsedive shows that the website is Very low risk and registered in 2002:

pulsedive.png

Flag

Flag: 2002_very_low_risk