Customers of secure-startup.com have been receiving some very convincing phishing emails; can you figure out why?
dig TXT secure-startup.com _dmarc.secure-startup.com
; <<>> DiG 9.18.19-1~deb12u1-Debian <<>> TXT secure-startup.com _dmarc.secure-startup.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 34677
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0x0005, udp: 512
;; QUESTION SECTION:
;secure-startup.com. IN TXT
;; ANSWER SECTION:
secure-startup.com. 5 IN TXT "v=spf1 a mx ?all - HTB{RIP_SPF_Always_2nd"
;; Query time: 69 msec
;; SERVER: 10.1.1.2#53(10.1.1.2) (UDP)
;; WHEN: Sun Feb 04 08:03:16 UTC 2024
;; MSG SIZE rcvd: 101
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 38937
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; MBZ: 0x0005, udp: 512
;; QUESTION SECTION:
;_dmarc.secure-startup.com. IN TXT
;; ANSWER SECTION:
_dmarc.secure-startup.com. 5 IN TXT "v=DMARC1;p=none;_F1ddl3_2_DMARC}"
;; Query time: 73 msec
;; SERVER: 10.1.1.2#53(10.1.1.2) (UDP)
;; WHEN: Sun Feb 04 08:03:16 UTC 2024
;; MSG SIZE rcvd: 99
The two records also answer the challenge question. The SPF record ends in "?all", a neutral qualifier that tells receiving servers nothing about hosts not listed in the record, and the DMARC record sets "p=none", which asks receivers to take no action on messages that fail authentication. Together they mean mail spoofing secure-startup.com is delivered like any legitimate message. To obtain the flag we only need the two ANSWER sections:
;; ANSWER SECTION:
secure-startup.com. 5 IN TXT "v=spf1 a mx ?all - HTB{RIP_SPF_Always_2nd"
;; ANSWER SECTION:
_dmarc.secure-startup.com. 5 IN TXT "v=DMARC1;p=none;_F1ddl3_2_DMARC}"
Joining the fragments found in the two TXT records gives the following flag:
HTB{RIP_SPF_Always_2nd_F1ddl3_2_DMARC}
All that is left is to submit the flag and the challenge is solved.
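As an added illustration (not part of the original write-up or of HTB's challenge), the following script parses the two TXT records from the dig output above and reports why they are weak, then runs the same checks against a constructed hardened pair for comparison. The strict records, the QUALIFIER_MEANING table and the function names are my own assumptions; the weak records are copied verbatim from the output shown above, flag fragments included.

```python
import re
from typing import Dict, List, Optional

# Records copied from the dig output in the write-up (the trailing flag
# fragments are part of the challenge records, not SPF/DMARC syntax).
SPF_WEAK = "v=spf1 a mx ?all - HTB{RIP_SPF_Always_2nd"
DMARC_WEAK = "v=DMARC1;p=none;_F1ddl3_2_DMARC}"

# Constructed hardened counterparts (assumption, not from the page).
SPF_STRICT = "v=spf1 a mx -all"
DMARC_STRICT = "v=DMARC1; p=reject; rua=mailto:dmarc-reports@example.invalid"

# What each qualifier on the 'all' mechanism means to a receiving server.
QUALIFIER_MEANING = {
    "+": "pass (every host on the internet is an authorised sender)",
    "?": "neutral (treated as if no SPF record existed)",
    "~": "softfail (accepted, usually only marked)",
    "-": "fail (receivers may reject)",
}


def parse_spf(record: str) -> Dict[str, object]:
    """Return the qualifier of the 'all' mechanism and the mechanisms before it."""
    terms = record.split()
    if not terms or terms[0].lower() != "v=spf1":
        raise ValueError("not an SPF record")
    all_qualifier: Optional[str] = None
    mechanisms: List[str] = []
    for term in terms[1:]:
        m = re.fullmatch(r"([+\-~?]?)all", term, re.IGNORECASE)
        if m:
            all_qualifier = m.group(1) or "+"  # no qualifier means '+'
            break  # evaluators ignore everything after 'all'
        mechanisms.append(term)
    return {"all": all_qualifier, "mechanisms": mechanisms}


def parse_dmarc(record: str) -> Dict[str, str]:
    """Split 'tag=value;' pairs; parts without '=' (like the flag tail) are dropped."""
    tags: Dict[str, str] = {}
    for part in record.split(";"):
        part = part.strip()
        if "=" in part:
            key, value = part.split("=", 1)
            tags[key.strip().lower()] = value.strip()
    if tags.get("v", "").upper() != "DMARC1":
        raise ValueError("not a DMARC record")
    return tags


def assess(spf_record: str, dmarc_record: str) -> List[str]:
    """Return human-readable findings; an empty list means both records are strict."""
    findings: List[str] = []
    spf = parse_spf(spf_record)
    qualifier = spf["all"]
    if qualifier is None:
        findings.append("SPF: no 'all' mechanism, unlisted senders get a neutral result")
    elif qualifier in ("+", "?"):
        findings.append(f"SPF: '{qualifier}all' -> {QUALIFIER_MEANING[qualifier]}")
    dmarc = parse_dmarc(dmarc_record)
    policy = dmarc.get("p", "").lower()
    if policy not in ("quarantine", "reject"):
        findings.append(f"DMARC: p={policy or '<missing>'} -> receivers take no action on failures")
    if "rua" not in dmarc:
        findings.append("DMARC: no rua= address, so nobody receives aggregate reports")
    return findings


if __name__ == "__main__":
    for label, spf, dmarc in (("weak", SPF_WEAK, DMARC_WEAK), ("strict", SPF_STRICT, DMARC_STRICT)):
        print(f"[{label}]")
        for line in assess(spf, dmarc) or ["no findings"]:
            print("  " + line)
```

Run against the challenge records the script reports the neutral "?all", the "p=none" policy and the missing reporting address; against the constructed strict pair it reports nothing. To check a live domain you would feed it the TXT strings returned by dig, exactly as in the output above.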
This is a basic but interesting challenge; I hope the steps described above help with the HTB challenge “Easy Phish”.