This repository serves as a writeup for Tenable CTF 2021
Category: Tenable Points: 25 Description:
File: Linux_Scan.db
In this task, we need to install Nessus scanner and use it to read the encrypted database, so I've installed its community version (free with a trial version).
In the main page, there was an "Import" button that I've used to upload the Nessus Database "Linux_Scan.db" with the required password.
And that's how we got the scan results called "Linux Scan". When we access this scan:
I tried to search for the flag in the Filter input but I wasn't be able to find it.
But I found something that could be interesting which is the Export button:
We know that the file that we've imported was a Nessus DB but what about the Nessus export?
After I exported the file and I downloaded it I got a text file Linux_Scan_uuo914.nessus which contains the flag.
The flag contains an encoded HTML character which is the "'".
So the flag is flag{1t's eXt3n51bl3}.
Category: Tenable Points: 25 Description:
File: Linux_Scan.db
This is the continuity of the previous task.
In this task, I tried to download the scan results for the host 172.26.48.53 using the "Download" link:
I searched for the flag in the downloaded .txt kb_172.26.48.53.txt file and I found it:
So, the flag is flag{bu7 n07 putt1ng 1t 1n 4 fru17 s@l4d, th@t5 W1SD0M}.
In this CTF, we played as a team S3c5murf with Likkrid and v3rlust and we got ranked 100th/1762:
The tasks that I've solved
All the tasks that we've solved and we didn't solved as a team:
CTFTime event: https://ctftime.org/event/1266