CTF write-up by limbernie

One of my favorite boxes. I really enjoyed writing scripts to tease out the valid LDAP attributes and the token string.


Write-ups of retired machines



  • it was explained in the simplest way possible..nice writeup.

  • Thank you for reading. I strive to write as clear and simple as possible.

    Write-ups of retired machines

  • Another reason i always like your write up is because of those tiny bash scripts.They are too helpful to learn bash scripting in a practical way..

  • I used python script to get token string
    and in my script I added sleep (1) in requests
    because without delay my IP was blocked by CTF antiflood system.

    Why does your deduction.sh send requests without any delay in between and is not blocked by CTF antiflood system?


  • I think as long as it's a 200, fail2ban wouldn't do anything.

    Write-ups of retired machines

Sign In to comment.