Writeup – El33t Articles Hub (Pragyan CTF)

This weekend, I participated in Pragyan CTF. In the time allocated, I solved a few challenges – unfortunately, most of them are not worth writing about, in that they are very similar to previous writeups.

I will present a writeup for one of the web challenges below.

El33t Articles Hub

This was a web challenge, with the challenge text as follows:

On visiting the website, we are taken to the following web page:

Viewing the source code gives us an interesting clue: that a dynamic favico is being generated:

A bit of guesswork reveals that this is vulnerable to a path traversal bug, and a little bit of exploration later reveals the source code for index.php, and more importantly, helpers.php:

Some fiddling with the path on the webserver later, gives us the flag:

Thanks to the Pragyan organisers for putting together this event – unfortunately, it quickly became apparent that this event was not ready for deployment, and some of the challenges had undergone insufficient playtesting. Also, the entire “Misc” category disappearing while the CTF was on is pretty much never a good sign.

Interestingly, someone in my university class asked last week, “is every website this vulnerable”. Funnily enough, the answer is no, but almost that it doesn’t matter – enough things are vulnerable that the problem shifts from a pure technology one to an intelligence one, towards keeping an eye on what’s vulnerable, and keeping tabs on what’s “interesting” – and this leads down a path of philosophical discussions all on it’s own.

Better luck next time – see you all in N1CTF next weekend.

About Norman

Sometimes, I write code. Occasionally, it even works.
This entry was posted in Bards, Computers, Jesting. Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.