BanjoFox

For those who are about to OSCP... I give you this. Lord of the Root https://www.vulnhub.com/entry/lord-of-the-root-101,129/

Maybe steganography? http://security.stackexchange.com/questions/2144/detecting-steganography-in-images Addendum: Depending on what kind of CTF Steganography MIGHT be out of scope ;D

Caps, I was able to get Subterfuge installed on Kali 2 (rolling-edition) with only a four commands. My suspicion is that you are trying to do something more ;D Here's what I did to get the install going. In Brief: root@localhost:~# git clone https://github.com/Subterfuge-Framework/Subterfuge.git root@localhost:~# cd Subterfuge/ root@localhost:~/Subterfuge# python setup.py root@localhost:~/Subterfuge# subterfuge The Long Version: root@localhost:~# git clone https://github.com/Subterfuge-Framework/Subterfuge.git Cloning into 'Subterfuge'... remote: Counting objects: 419, done. remote: Compressing objects: 100% (25/25), done. remote: Total 419 (delta 6), reused 0 (delta 0), pack-reused 392 Receiving objects: 100% (419/419), 4.43 MiB | 7.41 MiB/s, done. Resolving deltas: 100% (149/149), done. Checking connectivity... done. root@localhost:~# cd Subterfuge/ root@localhost:~/Subterfuge# python setup.py [+] Beginning Subterfuge installation... Get:1 http://archive.linux.duke.edu/kalilinux/kali kali-rolling InRelease [24.6 kB] Get:2 http://archive.linux.duke.edu/kalilinux/kali kali-rolling/main amd64 Packages [13.4 MB] Get:3 http://archive.linux.duke.edu/kalilinux/kali kali-rolling/non-free amd64 Packages [145 kB] Get:4 http://archive.linux.duke.edu/kalilinux/kali kali-rolling/contrib amd64 Packages [93.0 kB] .... ## Boring installation stuff here. .... Installing collected packages: django Successfully installed django Cleaning up... [+] Subterfuge installation completed successfully! root@localhost:~/Subterfuge# subterfuge Subterfuge courtesy of r00t0v3rr1d3 & 0sm0s1z Performing system checks... System check identified some issues: WARNINGS: ?: (1_6.W001) Some project unittests may not execute as expected. HINT: Django 1.6 introduced a new default test runner. It looks like this project was generated using Django 1.5 or earlier. You should ensure your tests are all running & behaving as expected. See https://docs.djangoproject.com/en/dev/releases/1.6/#new-test-runner for more information. System check identified 1 issue (0 silenced). You have unapplied migrations; your app may not work properly until they are applied. Run 'python manage.py migrate' to apply them. March 07, 2016 - 19:52:35 Django version 1.7, using settings 'subterfuge.settings' Starting development server at http://127.0.0.1:80/ Quit the server with CONTROL-C.

Myself and a couple of other guys in my study group took our OSCP exams last week. Learning was hard as all heck, but man it was good times :D Two of the four (myself included) that took it were able to pass. The MOST IMPORTANT thing with OSCP is to DOCUMENT WELL! If you guys want more pointers/help hit me up :D BanjoFox OSCP ;D p.s. The course is not set on any one particular programming/scripting language. Many sample codes are in Python, but you also have to write a Bash script to automate pings, as well as modify exploits in C, ASP.NET, Perl, and Ruby (Metasploit module).

Ctrl+F > Change dropdown to "String" (left of the search box) > Search for interesting keywords like: username, password, login, etc... Do you know what kind of info the flag is? Google> Wireshark display filters Banjo

..... *Sigh* somehow I managed to highlight the "Post" button whilst writing and subsequently submitted before I was done... AND I am unable to locate an Edit function.... (first post cont.) In order to comply to the bulletin I am disallowed from operating my Nano on my belt strap! Therefore it must be relegated to the outer reaches of my EDC XD... this amuses me. <The End> .... <For siris this time> - Banjo p.s. Moderators please feel free to merge this double post v.v .... cause you know... my bad...

I received my Nano today (woo!), and RTFM'ed before even thinking about plugging it up. The tiny card that came with it seemed pretty straightforward until I got to the part about FCC regulations. NORMALLY, I skip over them but for some reason (*cough*masochistic curiosity*cough), I decided to indulge. Anyways.... my favorite part was:

Boo51799 jujubes is correct. I just set mine up on Windows 10 without any issues. Albeit I skipped the SSH part and played around with the WebUI for a bit. Answering your question about Linux... you would be hard-pressed to find any Linux distribution that doesn't have an SSH client out of the box :) For new folks I might recommend one of the Linux Mint variants (www.linuxmint.com). Don't fret about picking "Cinnamon" vs. "MATE" vs. "XFCE" because those are all just names for the default desktop environment. All of them are fairly Windows-like, in that they have a "Start" menu in the bottom left. :) Plus you can always download one onto a CD or USB stick and boot to it without having to do a full install. Have fun! - Banjo

I needs mah Pineapplz!! ;-; *sits on hands and waits... then orders Nano and waits*