🚩
CTF Writeups
  • Introduction
  • VARIOUS CHALLENGES
    • Index
      • Kerberos - Authentication
      • Brooklyn Nine-Nine (room)
  • Cyberweek 2024
    • Index
      • 512 Chats
      • Ave César
      • Base jumping
      • Bit Maze
      • Double glazing
      • Dump local
      • Fichier audio étrange
      • Google Dork
      • Hack 1
      • Hack 4
      • Hexadecimal
      • HTTP
      • Image
      • Message secret Twitter
      • Mot de passe zip
      • Network
      • Où est-il ?
      • Steganomobile
      • The Hashcat Crackers
  • SpookyCTF 2024
    • Index
      • among-us
      • devil's-secret-stash
      • Phenominal-Photo
      • set-your-intentions-right
      • the-moth-flies-at-dawn
      • two-frames-one-champ
      • Well-Met
      • whispers-in-morse
  • BlueHens CTF 2024
    • Index
      • AlgebrarbeglA
      • Bees in Space
      • Inner Demons
      • Intro to OSINT
      • Intro to RSA
      • Intro to Web
      • lists of JSONs
      • Whispers of the Feathered Messenger
      • XS1: XOR without XOR
Powered by GitBook
On this page
  • Challenge
  • Solution
  1. BlueHens CTF 2024
  2. Index

Intro to Web

PreviousIntro to RSANextlists of JSONs

Last updated 5 months ago

Challenge

It's nice to have some training problems.

Solution

When checking the link, we end up on a blank page with some text.

Now, "version control" naturally makes me think of git. So let's check if we can find something...

So /.git/ is forbidden but when we keep looking, there's the HEAD file which contains interesting information.

So of course, I went to see the contents of that ref.

This number is actually the commit id for the latest commit in the master branch.

Now we've got a load of files but no way to read them. So we use the Extractor from the earlier mentioned GitTools.

As we know, the 6d11ca62644930fee1e2e48345c8d35bde2a95e7 file refers to the last commit, which is not what we're interested in. Let's look at the other one. It contains 2 files: commit-meta.txt and index.html.

This is what the text file contains:

And the web page looks like this:

Let's check out the code of this web page.

Now, let's enter it on our page.

It works ! But wait, where's my flag ? Oh right, we don't have access to it on this page. When checking the DevTools we can indeed see it tried to request the flag, but got an error.

What if we copied those parameters and used it on the actual website ?

Bingo !

But to go further with this, we first need to download the git repository somehow. After some digging I found the Dumper tool from and it works like a charm.

We can see there's a password stored and it's hashed using the MD5 algorithm. Using an I managed to find the password.

GitTools
online MD5 decrypter
https://bluehens-webstuff.chals.io/