Posts by JollyFrogs

Objective 5: AD Privilege Discovery

Difficulty: 3/5Using the data set contained in this SANS Slingshot Linux image (https://download.holidayhackchallenge.com/HHC2018-DomainHack_2018-12-19.ova), find a reliable path from a Kerberoastable user to the Domain Admins group. What's the user's logon name? Remember to avoid RDP as a control path as it depends on separate local privilege escalation flaws. For [..]

Objective 4: Data Repo Analysis

Difficulty: 2/5Retrieve the encrypted ZIP file from the North Pole Git repository (https://git.kringlecastle.com/Upatree/santas_castle_automation). What is the password to open this file? For hints on achieving this objective, please visit Wunorse Openslae and help him with Stall Mucking Report Cranberry Pi terminal challenge.Note: Wunorse Openslae is found on Ground floor [..]

Objective 3: De Bruijn Sequences

Note: This objective is found on Floor 1 - East corridorDifficulty: 1/5When you break into the speaker unpreparedness room, what does Morcel Nougat say?For hints on achieving this objective, please visit Tangle Coalbox and help him with Lethal ForensicELFication Cranberry Pi terminal challenge.Hints given:https://hackaday.com/2018/06/18/opening-a-ford-with-a-robot-and-the-de-bruijn-sequence/http://www.hakank.org/comb/debruijn.cgi Tangle Coalbox:Hey, thanks for the [..]

Objective 2: Directory Browsing

Difficulty Rating: 1/5 Who submitted (First Last) the rejected talk titled Data Loss for Rainbow Teams: A Path in the Darkness? Please analyze the CFP site (https://cfp.kringlecastle.com/) to find out.For hints on achieving this objective, please visit Minty Candycane and help her with the The Name Game Cranberry Pi [..]

Objective 1: Orientation Challenge

This objective is found in the main entrance hall - top rightDifficulty Rating: 1/5 What phrase is revealed when you answer all of the questions at the KringleCon Holiday Hack History kiosk inside the castle? For hints on achieving this objective, please visit Bushy Evergreen and help him with [..]

Elf #9 - Shinny Upatree - Sleigh Bell Lottery Cranberry Pi terminal

Shinny Upatree - Sleigh Bell Lottery Cranberry Pi terminal Hints given:https://pen-testing.sans.org/blog/2018/12/11/using-gdb-to-call-random-functions I'll hear the bells on Christmas DayTheir sweet, familiar sound will playBut just one elf,Pulls off the shelf,The bells to hang on Santa's sleigh! Please call me Shinny UpatreeI write you now, 'cause I would beThe one who [..]

Elf #8 - SugarPlum Mary - Python Escape from LA Cranberry Pi terminal

SugarPlum Mary: Python Escape from LA Cranberry Pi terminal Hints given:Check out Mark Baggett's talk upstairs (https://www.youtube.com/watch?v=ZVx2Sxl3B9c) I'm another elf in trouble,Caught within this Python bubble. Here I clench my merry elf fist -Words get filtered by a black list! Can't remember how I got stuck,Try it - maybe [..]

Elf #7 - Sparkle Redberry - Dev Ops Fail Cranberry Pi terminal

Sparkle Redberry: Dev Ops Fail Cranberry Pi terminal Hints given:https://en.internetwache.org/dont-publicly-expose-git-or-how-we-downloaded-your-websites-sourcecode-an-analysis-of-alexas-1m-28-07-2015/https://gist.github.com/hofmannsven/6814451 Coalbox again, and I've got one more ask.Sparkle Q. Redberry has fumbled a task.Git pull and merging, she did all the day;With all this gitting, some creds got away. Urging - I scolded, "Don't put creds in git!"She said, [..]

Elf #6 - Pepper Minstix: Yule Log Analysis Cranberry Pi terminal

Pepper Minstix - Yule Log Analysis Cranberry Pi terminal Given hint: https://www.youtube.com/watch?v=ZIOw_xfqkKM I am Pepper Minstix, and I'm looking for your help.Bad guys have us tangled up in pepperminty kelp!"Password spraying" is to blame for this our grinchly fate.Should we blame our password policies which users hate? Here you'll [..]

Elf #5 - Holly Evergreen - CURLing Master Cranberry Pi terminal

Holly Evergreen: CURLing Master Cranberry Pi terminal Hints given:https://developers.google.com/web/fundamentals/performance/http2/ I am Holly Evergreen, and now you won't believe:Once again the striper stopped; I think I might just leave!Bushy set it up to start upon a website call.Darned if I can CURL it on - my Linux skills apall. Could [..]