15 September 2014

NOCONNAME CTF QUALS 2014: WEBSTER WRITEUP

Super-secure cloud service.
https://ctf.noconname.org/webster/





Opening the web page, we found a form.
After some attempts we got in with test/test.
There's nothing there but a sort of file manager.


Trying to open the flag file through the cloud service, it says:
Seems that you are not in the right place for that

The interesting part now is the .htaccess file:
   
   Order allow,deny  
   Deny from all  
   Satisfy all  
  

To satisfy this rule we're supposed to be on the same LAN as the server,
but there's something else interesting: the cookie we get after logging in.
We've got this thing: loc=c869d000ef5c6fdfa128b058d2865512;
which is md5(10.128.29.136).

So it's probably checking the IP from there? Let's try changing it to 127.0.0.1:
loc=f528764d624db129b32c21fbca0cb8d6;


Rereading the flag file from the super cloud service:
https://ctf.noconname.org/webster/content.php?op=4

And we've got it:


NCN_f528764d624db129b32c21fbca0cb8d6
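The root cause above is a locality check driven by an unkeyed hash in a client-controlled cookie. As an added example (not code from the challenge or from this writeup), here is that pattern next to a hardened form that decides from the connection's peer address and binds the cookie with an HMAC; the function names, SERVER_KEY and LOCAL_ADDRS are assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed values for illustration; not taken from the challenge server.
SERVER_KEY = b"constructed-demo-key"
LOCAL_ADDRS = {"127.0.0.1"}


def md5_hex(text):
    return hashlib.md5(text.encode()).hexdigest()


def weak_is_local(cookies):
    """Pattern the writeup infers: trust an unkeyed MD5 of an IP sent by the client."""
    return cookies.get("loc") in {md5_hex(ip) for ip in LOCAL_ADDRS}


def issue_loc(peer_ip):
    """Hardened: the cookie is an HMAC tag over the address the server observed."""
    return hmac.new(SERVER_KEY, peer_ip.encode(), hashlib.sha256).hexdigest()


def strong_is_local(cookies, peer_ip):
    """Hardened: the decision comes from the socket peer address, never from
    the cookie; the cookie only has to be a valid tag for that same address."""
    expected = issue_loc(peer_ip)
    tag_ok = hmac.compare_digest(cookies.get("loc", ""), expected)
    return tag_ok and peer_ip in LOCAL_ADDRS


def demo():
    remote = "10.128.29.136"  # the address behind the cookie shown in the writeup
    edited = {"loc": md5_hex("127.0.0.1")}  # cookie value changed by the client
    return {
        "weak_accepts_edited_cookie": weak_is_local(edited),
        "strong_accepts_edited_cookie": strong_is_local(edited, remote),
        "strong_accepts_remote_client": strong_is_local({"loc": issue_loc(remote)}, remote),
        "strong_accepts_local_client": strong_is_local({"loc": issue_loc("127.0.0.1")}, "127.0.0.1"),
    }


if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

In the hardened form the cookie adds nothing to the decision itself; the peer address alone is authoritative, and the HMAC only prevents the client from presenting a tag the server never issued.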

1 comment:

  1. Nice writeups :) Good to know where I wasn't looking.
    Look forward to some more hopefully.
