Ethical Hacking CTF Walkthrough | TryHackMe Hackfinity Battle ๐
Join this 2-hour walkthrough of the Hackfinity Battle CTF on TryHackMe, covering essential ethical hacking techniques and challenges.
Motasem Hamdan
1.8K views โข Mar 31, 2025
About this video
TryHackMe Hackfinity Battle Encor walkthrough begins with a warm greeting and a heads-up about the videoโs two-hour runtime. The creator sets the tone for an immersive ethical hacking experience. The TryHackMe Hackfinity Battle is presented as a well-rounded CTF with categories including forensics, cryptography, reversing, game hacking, and blockchain exploitation.
****
Receive Cyber Security Field, Certifications Notes and Special Training Videos
https://buymeacoffee.com/notescatalog/membership
Writeup
https://motasem-notes.net/tryhackme-hackfinity-battle-encore-writeup-ethical-hacking-ctf-walkthrough/
******
Store
https://buymeacoffee.com/notescatalog/extras
Patreon
https://www.patreon.com/motasemhamdan
Instagram
https://www.instagram.com/mastermindstudynotes/
Google Profile
https://maps.app.goo.gl/eLotQQb7Dm6aiL8z6
LinkedIn
[1]: https://www.linkedin.com/in/motasem-hamdan-7673289b/
[2]: https://www.linkedin.com/in/motasem-eldad-ha-bb42481b2/
Instagram
https://www.instagram.com/mastermindstudynotes/
Twitter
https://twitter.com/ManMotasem
Facebook
https://www.facebook.com/motasemhamdantty/
***
0:00 - ๐ Introduction and Overview of the Hack Infinity CTF
1:03 - ๐ Catch Me If You Can: Forensics Challenge
4:36 - ๐ต๏ธโโ๏ธ Hidden Message: Image Steganography Using Pigpen Cipher
10:36 - ๐ Safe House Address via Open Source Intelligence
12:26 - ๐ Notepad Online: IDOR Vulnerability Exploitation
15:19 - ๐ Dark Encryptor: Command Injection
18:02 - ๐ Dark Encryptor 2: Blind Command Injection via File Upload
24:29 - ๐งฉ Crypto Channels: Known Plaintext XOR Decryption
26:16 - ๐ฆ Dark Matter: Ransomware Decryption Using Debug Info
29:10 - ๐ช Ghost Phishing: Malicious Word Doc to Gain Reverse Shell
33:55 - ๐ก๏ธ Dump: Lsass Dump and Pass-the-Hash
38:20 - ๐ Shadow Phishing: Backdoor via Trusted Contact Email
44:27 - ๐ Blockchain 1: Reading Contract Storage for Flag
48:40 - ๐ Blockchain 2: Ownership Takeover and Withdrawal
56:57 - ๐ฎ Game Reversing: Gdscript Score Manipulation
62:03 - ๐ฎ Game Reversing 2: Godot Project Recovery
65:07 - ๐ค Evil GPT 1: AI Prompt Command Injection
68:28 - ๐ค Evil GPT 2: Bypassing AI Filters via Social Prompt Engineering
73:01 - ๐งพ Stall Mount: PCAP Analysis, Zip Extraction, QR Code
78:10 - ๐ณ๏ธ Infinity Shell: Webshell Discovery via Logs
82:57 - ๐ Sneaky Patch: Kernel Backdoor Analysis
86:31 - ๐ Hide and Seek: Investigating Persistence Mechanisms
93:52 - ๐ Cipher Service: Systemd Service Malware
94:36 - โ๏ธ Welcome Message Backdoor (MOTD)
96:10 - ๐ ๏ธ SQL Dump: SQLMap Blind Injection Analysis in PCAP
107:23 - ๐ Shadow Phishing 2: Custom Cipher Decryption
109:40 - ๐ Cryptosystem: RSA-like Decryption with Custom N
112:22 - ๐ฆ Flag Vault: Classic Buffer Overflow
117:27 - ๐ฆ Flag Vault 2: Format String Vulnerability
125:13 - โ๏ธ Cloud Challenge 1: Retrieve Flag from Secret Manager
128:05 - โ๏ธ Cloud Challenge 2: Phishing S3 Bucket Logs
131:09 - โ๏ธ Cloud Challenge 3: Encrypted Data in S3 with KMS
133:58 - ๐ Decrypting with KMS via Role Assumption
140:05 - ๐งโโ๏ธ Computer Magic: Ghidra Binary Reverse Engineering
147:35 - ๐ Alt Authentication: Reversing Custom XOR & Input Checks
160:44 - ๐ Conclusion and Write-up Announcement
****
Receive Cyber Security Field, Certifications Notes and Special Training Videos
https://buymeacoffee.com/notescatalog/membership
Writeup
https://motasem-notes.net/tryhackme-hackfinity-battle-encore-writeup-ethical-hacking-ctf-walkthrough/
******
Store
https://buymeacoffee.com/notescatalog/extras
Patreon
https://www.patreon.com/motasemhamdan
https://www.instagram.com/mastermindstudynotes/
Google Profile
https://maps.app.goo.gl/eLotQQb7Dm6aiL8z6
[1]: https://www.linkedin.com/in/motasem-hamdan-7673289b/
[2]: https://www.linkedin.com/in/motasem-eldad-ha-bb42481b2/
https://www.instagram.com/mastermindstudynotes/
https://twitter.com/ManMotasem
https://www.facebook.com/motasemhamdantty/
***
0:00 - ๐ Introduction and Overview of the Hack Infinity CTF
1:03 - ๐ Catch Me If You Can: Forensics Challenge
4:36 - ๐ต๏ธโโ๏ธ Hidden Message: Image Steganography Using Pigpen Cipher
10:36 - ๐ Safe House Address via Open Source Intelligence
12:26 - ๐ Notepad Online: IDOR Vulnerability Exploitation
15:19 - ๐ Dark Encryptor: Command Injection
18:02 - ๐ Dark Encryptor 2: Blind Command Injection via File Upload
24:29 - ๐งฉ Crypto Channels: Known Plaintext XOR Decryption
26:16 - ๐ฆ Dark Matter: Ransomware Decryption Using Debug Info
29:10 - ๐ช Ghost Phishing: Malicious Word Doc to Gain Reverse Shell
33:55 - ๐ก๏ธ Dump: Lsass Dump and Pass-the-Hash
38:20 - ๐ Shadow Phishing: Backdoor via Trusted Contact Email
44:27 - ๐ Blockchain 1: Reading Contract Storage for Flag
48:40 - ๐ Blockchain 2: Ownership Takeover and Withdrawal
56:57 - ๐ฎ Game Reversing: Gdscript Score Manipulation
62:03 - ๐ฎ Game Reversing 2: Godot Project Recovery
65:07 - ๐ค Evil GPT 1: AI Prompt Command Injection
68:28 - ๐ค Evil GPT 2: Bypassing AI Filters via Social Prompt Engineering
73:01 - ๐งพ Stall Mount: PCAP Analysis, Zip Extraction, QR Code
78:10 - ๐ณ๏ธ Infinity Shell: Webshell Discovery via Logs
82:57 - ๐ Sneaky Patch: Kernel Backdoor Analysis
86:31 - ๐ Hide and Seek: Investigating Persistence Mechanisms
93:52 - ๐ Cipher Service: Systemd Service Malware
94:36 - โ๏ธ Welcome Message Backdoor (MOTD)
96:10 - ๐ ๏ธ SQL Dump: SQLMap Blind Injection Analysis in PCAP
107:23 - ๐ Shadow Phishing 2: Custom Cipher Decryption
109:40 - ๐ Cryptosystem: RSA-like Decryption with Custom N
112:22 - ๐ฆ Flag Vault: Classic Buffer Overflow
117:27 - ๐ฆ Flag Vault 2: Format String Vulnerability
125:13 - โ๏ธ Cloud Challenge 1: Retrieve Flag from Secret Manager
128:05 - โ๏ธ Cloud Challenge 2: Phishing S3 Bucket Logs
131:09 - โ๏ธ Cloud Challenge 3: Encrypted Data in S3 with KMS
133:58 - ๐ Decrypting with KMS via Role Assumption
140:05 - ๐งโโ๏ธ Computer Magic: Ghidra Binary Reverse Engineering
147:35 - ๐ Alt Authentication: Reversing Custom XOR & Input Checks
160:44 - ๐ Conclusion and Write-up Announcement
Tags and Topics
Browse our collection to discover more content in these categories.
Video Information
Views
1.8K
Likes
79
Duration
02:41:17
Published
Mar 31, 2025
User Reviews
4.5
(1) Related Trending Topics
LIVE TRENDSRelated trending topics. Click any trend to explore more videos.