Late Writeup – Opabina 4 (Google)

During the Google CTF, I did not finish the Opabina 4 challenge due to time constraints (my fault – I thought it finished at 1am local time and played videogames instead). Afterwards, I found the server was still up, so I completed this challenge to set my mind more at ease.

This challenge starts off similar to the other Opabina challenges, with the client making a GET request to “/”. Letting this go through, I was surprised when the server spat back a full HTML page. I saved the page and rendered it:

web design like its 1999

web design like its 1999

 

Inspection of the content returned nothing abormal, aside from an HTML form posted to https://elided/user/sign_in. My first thought was to redirect this to http://elided, or to send this to a listening host on the Internet:

T_T

T_T

It turns out that the solution was much simpler (and in line with the 75-point value): a GET request to /user/sign_in on localhost was enough:

win!

win!

Unfortunately, this challenge was solved too late to win any Internet points, but this was a fun diversion nonetheless 🙂

(Also: super hyped for this weekend)

About Norman

Sometimes, I write code. Occasionally, it even works.
This entry was posted in Bards, Computers, Jesting and tagged , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s