This weekend, I participated in Pragyan CTF. In the time allocated, I solved a few challenges – unfortunately, most of them are not worth writing about, in that they are very similar to previous writeups.
I will present a writeup for one of the web challenges below.
El33t Articles Hub
This was a web challenge, with the challenge text as follows:
On visiting the website, we are taken to the following web page:
Viewing the source code gives us an interesting clue: that a dynamic favico is being generated:
A bit of guesswork reveals that this is vulnerable to a path traversal bug, and a little bit of exploration later reveals the source code for index.php, and more importantly, helpers.php:
Some fiddling with the path on the webserver later, gives us the flag:
Thanks to the Pragyan organisers for putting together this event – unfortunately, it quickly became apparent that this event was not ready for deployment, and some of the challenges had undergone insufficient playtesting. Also, the entire “Misc” category disappearing while the CTF was on is pretty much never a good sign.
Interestingly, someone in my university class asked last week, “is every website this vulnerable”. Funnily enough, the answer is no, but almost that it doesn’t matter – enough things are vulnerable that the problem shifts from a pure technology one to an intelligence one, towards keeping an eye on what’s vulnerable, and keeping tabs on what’s “interesting” – and this leads down a path of philosophical discussions all on it’s own.
Better luck next time – see you all in N1CTF next weekend.