Sunday, February 19, 2017

#ACKIM by Nullcon

Every year, before NullCon, one of the largest security conferences in India, the nullcon team hosts a CTF. It is one of the most interesting challenges and is well worth participating in.

It's FREE of COST.

This particular blog post covers the first of the web application challenges, called WEB100.


This one, I think, was the easiest, at least for those who are music lovers.

Chris Martin was the Hint..

For those who don't know him..

https://en.wikipedia.org/wiki/Chris_Martin

I would strongly suggest getting to know him through his outstanding songs.




It gave us a small hint to try the same as the username and password.

user: chris
password: martin

Oops, my IP is locked. Somebody is watching... Hmm.

View Source was my next weapon. Woooo, I got something. Looks like Base64. Is it... Oh yeah, it is.

MmI0YjAzN2ZkMWYzMDM3NWU1Y2Q4NzE0NDhiNWI5NWM=




curl http://54.152.19.210/web100/ gives the same result.


Decoded the same. A sample command is:

echo "YOUR STRING" | base64 -d




echo "MmI0YjAzN2ZkMWYzMDM3NWU1Y2Q4NzE0NDhiNWI5NWM=" | base64 -d

2b4b037fd1f30375e5cd871448b5b95c


Now there are two ways to crack this. One is to identify the kind of string it is and then see if it can be cracked.




The second one is the easiest: Google :)

I was lucky and got a couple of good results.

The username and password below gave us the flag:

username: coldplay
password: paradise

Wait, there was another hindrance. Ah, WAF again... Gosh.

To bypass the WAF, change the X-Forwarded-For header to 127.0.0.1. Of course, Martin has to come home...




Yeahhh it is paradise....
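
The server-side mistake that makes the X-Forwarded-For step work, shown next to a corrected version. This is an added example, not code from the challenge or from the original post. It assumes the lockout exempts loopback addresses and takes the client address from the header; the function names, the proxy subnet and the sample requests are all constructed.

```python
import ipaddress

# Constructed values: the reverse-proxy subnet and the range exempt from lockout.
TRUSTED_PROXIES = [ipaddress.ip_network("10.0.0.0/24")]
ALLOWLIST = [ipaddress.ip_network("127.0.0.0/8")]


def _in(addr, networks):
    ip = ipaddress.ip_address(addr)
    return any(ip in net for net in networks)


def client_ip_naive(peer_addr, headers):
    """Flawed: believes whatever the client put in X-Forwarded-For."""
    xff = headers.get("X-Forwarded-For")
    return xff.split(",")[0].strip() if xff else peer_addr


def client_ip_hardened(peer_addr, headers, trusted=TRUSTED_PROXIES):
    """Use X-Forwarded-For only when the TCP peer is a trusted proxy, reading
    it right to left and stopping at the first hop that is not a proxy."""
    if not _in(peer_addr, trusted):
        return peer_addr  # header came straight from the client: ignore it
    xff = headers.get("X-Forwarded-For", "")
    hops = [h.strip() for h in xff.split(",") if h.strip()]
    for hop in reversed(hops):
        try:
            if not _in(hop, trusted):
                return hop
        except ValueError:
            return peer_addr  # malformed entry: fall back to the socket address
    return peer_addr


def skips_lockout(resolver, peer_addr, headers):
    """True when the address the resolver picks falls in the allowlist."""
    return _in(resolver(peer_addr, headers), ALLOWLIST)


if __name__ == "__main__":
    # Constructed requests: (socket peer, headers as received by the app).
    direct = ("203.0.113.7", {"X-Forwarded-For": "127.0.0.1"})
    proxied = ("10.0.0.5", {"X-Forwarded-For": "127.0.0.1, 203.0.113.7"})
    for peer, hdrs in (direct, proxied):
        print(peer, skips_lockout(client_ip_naive, peer, hdrs),
              skips_lockout(client_ip_hardened, peer, hdrs))
```

The naive resolver exempts both requests from the lockout; the hardened one resolves both to 203.0.113.7, so the IP lock still applies.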


