$$ \text {An iCSI CTF (RED24)} $$

Setup:

• The VM needed for this challenge can be downloaded here.
• You’ll need Kali Linux as well.
• The final flag will be found through a JWT compromise within the Web Application on the view page.

First Steps:

• You will not have the login credentials to the machine.

• Before you power it on, go to the machine settings and give the network adapter a custom MAC address.

  • This way you will be able to locate it with the arp-scan utility within Kali.
  • Don’t use the MAC address I have below. Everyone in the class needs something different.
    • Manually randomize the MAC Address you give your machine!

  

Once you have started the CTF machine, launch a root shell in Kali and do the following:

• use the *arp-scan* utility to scan the entire subnet and report back on MAC addresses that are present.
  • Your Kali Linux machine must be on the same subnet as the CTF machine.
• Use grep to filter for the MAC address that you gave the CTF Machine.
• NOTE: I only grep for the OUI of the MAC address. You should grep for the entire MAC Address!
  • Use all 6 Hex characters in your grep

Start with an Nmap:

• It will turn up a web server on port 80 this time

Introduction to JWT: JSON Web Tokens.

• Many websites use JSON Web Tokens (JWTs) to store specific data about their users. For instance, whenever you navigate a website, JSON Web Tokens may carry information like:
  • Your username.
  • Your user role (such as admin or regular user).
  • Additional data that is unique to your account.

JWTs are designed to be secure and are typically resistant to tampering by users.

In the initial phase of this lab, we will create a JSON Web Token. We'll explore its structure and the underlying principles of how JWTs function.