🚩CTFs shortcuts

Find flag
# if the flag looks like: flag{*****}
grep -irl 'flag{' "$path"
# if the flag is a .txt file
find / -iname "*.txt" 2>/dev/null
find / -iname "config.php" 2>/dev/null
find / -iname "flag.txt" 2>/dev/null
# find presence of chkrootkit
find / -type f -name chkrootkit 2>/dev/null
Web Dev
Mozilla Firefox
CTRL + SHIFT + I
HTTP Headers Response
curl -sSL -D - $ip -o /dev/null
curl -s -I -X POST http://$ip
Stabilize Reverse shell
use CTRL + C
# In reverse shell
python -c 'import pty; pty.spawn("/bin/bash")'
Ctrl-Z
# In OS
stty raw -echo
fg
There are three popular ways I use to stabilize a reverse shell:
Python, as mentioned above.
rlwrap, which prepends to a netcat shell for additional terminal features.
Socat, which is a step above netcat but must be manually transferred over and launched on the target machine.