Final exam, Part 2
Due 5:00PM Monday, 24 November 2025
Hand in as final2.pdf via Moodle
This portion of the exam has the same rules as Part 1.
5. Hacking Jeff's Server Again
For this exercise, your goal is to find a collection of secrets scattered around the server intrigue.jeffondich.com. Each secret will consist of a line of text starting with the all-caps word "SECRET". Each secret is worth 4 points.
To get the points for a secret, you need to (1) provide the secret itself and (2) explain how you found it. Your explanation should be brief, but detailed enough to enable another person to follow your instructions to find the secret themselves.
Some of the secrets are easy to find, and some...well, let's say that some are more challenging than others. How many secrets are there? If I'm counting correctly, there are ten, but your max point total is equal to 32 points. (Get the extra couple secrets, though, and I'll be impressed!)
Here are a few tools, terms, and ideas that you may (or may not) find helpful.
- nmap
- just messing around with the open ports you find
- gobuster (or feroxbuster, which will do recursion for you)
- hashcat
- directory traversal vulnerability
- URL editing
- ...