Cyber Threats That Could Impact the Retail Industry This Holiday Season (and What to Do About It)

As the holiday season approaches, retail businesses are gearing up for their annual surge in online and in-store traffic. Unfortunately, this increase in activity also attracts cybercriminals looking to exploit vulnerabilities for their gain. Imperva, a Thales company, recently published its annu...

h1-ctf: Hackyholidays [ h1-ctf] writeup [mission:- stop the grinch ]

Hello Team Description In the continuous series of 12 days, twelve flags were hidden inside Hackyholidays site - hackyholidays.h1ctf.com in which once we get all the flags, grinch can be stopped. This write-up will describe solving all the 12 days challenges. Step To Reproduce + It all started wh...

h1-ctf: How The Hackers Saved Christmas

F1139789 Challenge I 🤖 "What are you doing?" I asked myself. I was about to trespass a clear warning to keep out. F1139744 "Have you lost your mind?" But I couldn't help it. I was born for this. And I wasn't going to back down. There are 12 more days until Christmas Eve, and I wasn't going to let...

h1-ctf: First CTF ever!

Pretext Started looking into hacking this autumn and then found out HackerOne was doing a Christmas themed CTF. Further investigation showed that the deplorable Grinch might be up to no good again - Christmas is in danger! TLDR Lots of hacking took place, the Grinch was stopped, Christmas saved a...

h1-ctf: h1-ctf : 12 days of hack holiday writeup

Summary This was a real fun CTF and I really enjoyed solving the challenges. Great job on creating the challenges. This is my writeup for the "12 Days of Hacky Holidays CTF". I hope you enjoy reading it, and I hope others reading it will pick up a trick or two. Flags: This is all the flags found...

h1-ctf: [H1 hackyholidays] CTF Writeup

Hello team, Here is my CTF writeup for HackyHolidays. Main page The main page doesn't contain any interesting stuff, just a few assets. Maybe we will find some known files in webapp root: index.php, .htaccess, robots.txt, ...? robots.txt file exists, and there is the first flag: User-agent:...

h1-ctf: hackyholidays CTF Writeup

Summary: As per the referenced blog entry, the Grinch has gone hi-tech this year with the intentions of ruining the holidays. The challenge was about infiltrating the Grinch's network and take it down. As outlined on https://hackerone.com/h1-ctf, the domain hackyholidays.h1ctf.com was in scope. I...

h1-ctf: Grinchs website takendown with various other exploits

The HackyHolidays This is my first HackerOne CTF challenge writeup. Contents: flag1: Day 1 Check the files, robots.txt flag2: Day 2 one more : jquery.min.js flag3: Day 3 People Rater flag4: Day 4 Brute Force, Swag Shop flag5: Day 5 Brute Force, Secure Login flag6: Day 6 Brute Force, My Diary flag...

h1-ctf: HackyHolidays H1 CTF Writeup

HackyHolidays Day 1 Once the CTF started and the Grinch released the scope hackyholidays.h1ctf.com, I started the CTF by a good old Nmap scan, to see whats running on the server. So the nmap command looked like nmap -sC -sV -oA nmap hackyholidays.h1ctf.com/. The result showed a promising entry...

h1-ctf: 12 Days of CTF Walkthroughs

h1-ctf: 12 Days of Hacky Holidays This is my writeup for 12 Days of Hacky Holidays. The report is written such that beginners to CTFs will be able to learn the tricks of the trade. The Mission: The Grinch has gone hi-tech this year with the intention of ruining the holidays 😱We need you to...

h1-ctf: A Visit from The Grinch ~ 'Twas the night before Hackmas...

Foreword This was an amazing CTF! The first from Hackerone that I've finished and one that I have enjoyed the most. Huge shout out to @adamtlangley for creating this downright poetic challenge. My whopping 20+ invitations are already being put to good use. Hacky Holidays and Merry Hackmas! Flag 1...

h1-ctf: Hacky Holidays Writeup

On December 12th, 2020, the CTF became live and the scope that we are allowed to attack was In Scope Domain - hackyholidays.h1ctf.com Our main motive was to infiltrate his network and take him down. The challenges appeared one by one till 24th of December. Here we will be going through all the...

h1-ctf: Successfully took down the Grinch and saved the holidays from being ruined

Beginning ---------- HackerOne's official twitter account posted a tweet on 11th December announcing 12 days of hacky holidays where we have to take down the grinch and prevent him from ruining the Christmas holidays. F1132156 Challenge 1: Something to get started...

h1-ctf: Mission completed. Grinch Networks is down and Christmas saved.

Hi, I decided to create a good writeup, but for that I'd need some time, that's why I am submitting this pre-report now, and the actual report I ll submit before the deadline in this thread, right under this one. Here is some proof that Grinch Networks is down:...

h1-ctf: Taking Grinch Down To Save Holidays

Hi thank you Hackerone and Adam for organizing the CTF, this had honestly helped me to learn good skills and techniques. The CTF began with the scope: hackyholidays.h1ctf.com and mission to take down grinch So here's a quick visual summary of all the challenges F1131175 F1131176 1. Grinch Robots ...

h1-ctf: Grinch Networks compromised!

Grinch Networks compromised! For fast triage/validation and inspired by @manoelt in other CTF, I made a bash script to find and print all the 12 flags of this CTF. The script uses curl, wget, google-chrome headless for flag 2, unzip, grep and sed. If any of these commands is missing, the script...

h1-ctf: CTF Writeup

Hi, First of all, thanks for this amazing CTF!. I will post my writeup soon, it is time to sleep now : F1129602 By the way, the creator of challenge 11 is crazy. Impact Grinch Network is finally down...

h1-ctf: Complete destruction of the Grinch server

Hackyholidays flag 1 First flag is just a matter of reading /robots.txt file: User-agent: Disallow: /s3cr3t-ar3a Flag: flag48104912-28b0-494a-9995-a203d1e261e7 flag 2 Visiting /s3cr3t-ar3a and opening it with developer tools gets the second flag: flagb7ebcb75-9100-4f91-8454-cfb9574459f7 It is...

h1-ctf: [CTF] I've DDoSed Grinch Network

Hello! Here are all 12 flags for HackyHolidays CTF: 1. flag48104912-28b0-494a-9995-a203d1e261e7 2. flagb7ebcb75-9100-4f91-8454-cfb9574459f7 3. flagb705fb11-fb55-442f-847f-0931be82ed9a 4. flag972e7072-b1b6-4bf7-b825-a912d3fd38d6 5. flag2e6f9bf8-fdbd-483b-8c18-bdf371b2b004 6...

h1-ctf: Stopping Grinch to ruin XMas!

Hello, Gonna just submit flags first then will send my write up later tomorrow. flag1: flag48104912-28b0-494a-9995-a203d1e261e7 https://hackyholidays.h1ctf.com/robots.txt recon revealing hidden endpoint flag2: flagb7ebcb75-9100-4f91-8454-cfb9574459f7 https://hackyholidays.h1ctf.com/s3cr3t-ar3a...