WolvCTF 2024

CTF link. I get that the attackers were in my PC, but how did they achieve persistence? We use the OSForensics tool to do forensics in our.DMP file. The free version will do the job. We use the Hex/String Viewer feature to look at the detailed contents of the file and here we notice the …

CTF link. I recently had my passwords and other sensitive data leaked, but I have no idea how. Can you figure out how the attacker got in to my PC? The pcap file is opened in Wireshark and if we browse the packet in it, SMB packages attract attention and we select SMB as a …

CTF link. Hi there incident responder. So we have this company that was breached sometime last week, but their SOC team only keeps HTTP request logs 🙁 We took down all of our wolvsecsolutions websites as a precaution. Maybe there’s still a way to figure out what happened? Why did they click on a suspicious link? Somebody …

CTF link. We need to search for a social media account, again we do a simple search and discover a Facebook page. When we check his Facebook account, we come across a video. If we pause the video while closing the screen sharing at the end of the video, we find a discord channel. We …

CTF link. A new ransomware group you may have heard about has emerged: WOLPHV There’s already been reports of their presence in articles and posts. NOTE: Wolphv’s twitter/X account and https://wolphv.chal.wolvsec.org/ are out of scope for all these challenges. Any flags found from these are not a part of these challenges This is a start to a 5 part series …

CTF link. i couldn’t log in to my server so my friend kindly spun up a server to let me test makefiles. at least, they thought i couldn’t log in 😛 Download the code of the page by clicking on the link and examine it in detail. Detailed explanation of the code is made in …

CTF link. I have encrypted some text but it seems I have lost the key! Can you find it? With the hint given in the Hint section, we rearrange the code according to XOR. “A text string can only be decrypted by reapplying the XOR function with the key” wctf{X0R_i5_f0rEv3r_My_L0Ve} Aleyna DoğanHello, I am Aleyna …

CTF link. WOLPHV sent me this file. Not sure what to comment about it We download a jpg file. If we examine the jpg file with Exiftool, we will find the flag in the comment section. wctf{h1dd3n_d4t4_n0T_s0_h1dD3N} Aleyna DoğanHello, I am Aleyna Doğan. I work as a Cyber Threat Intelligence Analyst. In my blog, we …

CTF link. Someone told me WolvSec has a Reddit account. I wonder if they left a flag there… We can access the flag with a simple Google search. wctf{h41L_t0_th3_v1ct0rs_v4l14nt_h41L_t0_tH3_c0Nqu3r1nG_h3r035} Aleyna DoğanHello, I am Aleyna Doğan. I work as a Cyber Threat Intelligence Analyst. In my blog, we write blog posts that my friends and I …