Keeber Security Group

Keeber 1

Solved by: Starry-Lord

By searching for Keeber Security Group on Google, we quickly found a valid domain at keebersecuritygroup.com; finding the registrant name online then gave the flag.


Keeber 2

Solved by: Starry-Lord

We can check for past versions of most websites, and we find they fired Tiffany Douglas:


Keeber 3

Solved by: Starry-Lord

Here is their GitHub:

https://github.com/keebersecuritygroup

https://github.com/keebersecuritygroup/security-evaluation-workflow/commit/e76da63337cfabb12ea127af3f86168e9dd08428

We can see that at this point in time a file called asana_secret.txt was uploaded to GitHub by mistake. Tiffany made a typo in the .gitignore file, which ended up preventing asana_secret.tx (which doesn't exist) from being committed. Looking up Asana, I read that we can query other users' e-mails if we invite them to a group we create. It didn't help us here, but it is still a noticeable detail. Researching more on Asana, I discovered it has an API which allows us to get information back with the right Authorization header.
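The .gitignore typo described above can be caught before a commit. The Python check below is an added example, not part of the original writeup or the repository: it flags literal .gitignore entries that match no file but closely resemble one that exists. The sample .gitignore, the file list and the function names are constructed for illustration.

```python
import difflib
import posixpath


def literal_patterns(gitignore_text):
    """Return .gitignore entries that name one exact file (no globs, dirs or negations)."""
    patterns = []
    for raw in gitignore_text.splitlines():
        line = raw.strip()
        if not line or line.startswith(("#", "!")) or line.endswith("/"):
            continue
        if any(ch in line for ch in "*?["):
            continue  # wildcard entries are out of scope for this check
        patterns.append(line.lstrip("/"))
    return patterns


def near_miss_ignores(gitignore_text, repo_files, cutoff=0.85):
    """Map each literal ignore entry that matches no file to similarly named files.

    A finding means the entry is probably a typo, so the file it was meant
    to protect is NOT ignored and `git add .` will stage it.
    """
    # Compare on basenames; if two paths share a basename the last one is reported.
    basenames = {posixpath.basename(p): p for p in repo_files}
    findings = {}
    for pattern in literal_patterns(gitignore_text):
        name = posixpath.basename(pattern)
        if name in basenames:
            continue  # the entry matches a real file, nothing to report
        close = difflib.get_close_matches(name, list(basenames), n=3, cutoff=cutoff)
        if close:
            findings[pattern] = [basenames[c] for c in close]
    return findings


# Constructed sample modelled on the typo in the writeup.
SAMPLE_GITIGNORE = "# local files\nnode_modules/\n*.log\nasana_secret.tx\n.env\n"
SAMPLE_FILES = ["README.md", ".gitignore", "code_reviews.txt",
                "ksg_passwd_db.kdbx", "asana_secret.txt"]

if __name__ == "__main__":
    for entry, files in near_miss_ignores(SAMPLE_GITIGNORE, SAMPLE_FILES).items():
        print(f"ignore entry {entry!r} matches nothing; did you mean {files}?")
```

Run against the working tree file list (for example the output of `git ls-files --others --cached`) in a pre-commit hook, a non-empty result is a reason to stop the commit.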


Keeber 4

Solved by: Starry-Lord

To open this kdbx file we can use keepass2 on Kali systems, after grabbing it from GitHub.

To make a custom wordlist from public facing information I used cewl:

cewl https://raw.githubusercontent.com/keebersecuritygroup/security-evaluation-workflow/main/code_reviews.txt > code_reviews.txt 

I did so for each text file in the /security-evaluation-workflow/ repository.

Then I had to turn it into a crackable format with keepass2john:

starlord@HAL-9000:~/Bureau/Fun/Nahamcon2022/Keeber$ keepass2john ksg_passwd_db.kdbx 

ksg_passwd_db:$keepass$*2*58823528*0*d1aa5a09ccf3f75d30ea2d548ca045d28252c90adc8bf016bd444cbb3d6d5f65*580f6c41d95ea9407da649ee0312209f1686edf0b779458d57288ed7043c60ff*aec6b24ac45bf46d4b632d5e408799c7*4fa205b599089f79005e176c9c47690ffc58492169309a47613d4269a8ef2a52*f51a2a1f36f1ca1d10439aa78eccece46337274880f594f5a62a703f6007374f

password: craccurrelss


Keeber 5

Solved by: Starry-Lord

Clone the repository /security-evaluation-workflow/ and check commit logs.

email: tif.hearts.science@gmail.com

Keeber 6

Solved by: Starry-Lord

Lost a piece of my soul and made a Yelp account to look for reviews by e-mail.


Keeber 7

Solved too late by: Starry-Lord

e-mail: cheerios.fanatic1941@gmail.com

https://seon.io/resources/the-ultimate-guide-to-free-email-lookup-and-reverse-email-lookup-tools/

This online tool showed a mention of MySpace, so I sacrificed another bit of my soul and made a MySpace account. This allows us to find the flag and a new username:


Keeber 8

Solved too late by: Starry-Lord

MySpace username: cereal_lover1990

A quick search for the username with another online tool reveals a matching user on pastebin.com:

https://pastebin.com/u/cereal_lover1990

content of Chump List: