Spoiler Removed
HA HA…I literally had the second half…sitting in a Word doc…right in front of my face… It’s so easy to over think and over complicate these challenges and that is what makes them so great. We are our own worst enemies… High five and fist bump to greenwolf.
i got both parts, however after pasting them together it still doesn’t take the flag. Am I missing something?
got this after a few digs and google searches…@n4v1n has the best advice
Type your comment> @PanamaEd117 said:
any tips on line how to start this? ran dig, nslookup, and fierce. Found a subdomain. Also notice no DNSSEC. Just not sure how to start.
what is fierce
I am having the worst luck with this one. I found the first half of the flag using dnsrecon. However I am having no luck finding the 2nd half of this flag. I tried enumerating for mx records and found none. I even tried attacking a few send mail ports, got no where. I’m out of ideas. Any further hints or help would be highly appreciated.
Hint: Learn about 3 ways to protect your company from spoofed emails
Happened to read about this exact technology this morning on /r/netsec, so I got it fast!
PM me for any help on this one
It was so funny.