InfoSec Institute – CTF Level 9

This is a walkthrough for InfoSec Institute’s CTF challenge, Level 9.

The challenge presents with a login screen for a Cisco Intrusion Detection System (IDS). I tried a few typical username/password combinations (root/root, admin/password, etc) before googling “Cisco IDS default password”.


Sure enough, ‘root’/’attack’ worked, and the flag was given in a popup box:Infosec_flagis_?

At first glance, this looks like the string presented in their Level 4 CTF challenge, but the character spacing is all wrong. We already determined that they’re using the format “infosec_flagis_?????”, and they’re unlikely to change the grouping since it helps identify the flag in a CTF event.

The flag is presented in plaintext, but reversed. To undo this, use the “rev” command in Linux, which reverses a string passed into it:

echo "ssaptluafed_sigalf_cesofni" | rev

Answer: infosec_flagis_defaultpass

InfoSec Institute – CTF Level 9

Leave a Reply