Still continuation from my writeup from the CTF competition (BCACTF 2.0) I joined days ago. This one is the last Web Problem I manage to solve and on this post also includes one of the 3 Forensics Problem I was able to correctly answer.XD
Web Problem #3: Agent Gerald
Agent Gerald is a spy in SI-6 (Stegosaurus Intelligence-6). We need you to infiltrate this top-secret SI-6 webpage, but it looks like it can only be accessed by Agent Gerald's special browser...
http://web.bcactf.com:49156/
Hint 1 of 1: What is a way webpages know what kind of browser you're using?
My Approach/Solution
Going into the Web Challenge link above gives one this welcome page.
Like always, I immediately check the Page Source but unfortunately found nothing that will likely give us a clue of the FLAG we are looking for.
Judging by the question on the challenge web page "Are you Agent Gerald?" my first instinct was to send a cookie with value "Agent Gerald" like the solution to the previous Web Challenge but as expected that did not work.
I re-read the problem again and notice the line "but it looks like it can only be accessed by Agent Gerald's special browser..." and with the help of the hint "What is a way webpages know what kind of browser you're using?" I thought of adding "Agent Gerald" on the User-Agent to which the hint is somehow pointing at.
And so I intercepted the request again using Burp Suite and added Agent Gerald on the User-Agent field before forwarding the request
And voila! Challenge Solved and we get the FLAG for this Web Problem. :)
Forensics Problem #1: Infinite Zip
Here's a zip, there's a zip. Zip zip everywhere.
flag.zip
My Approach/Solution
Downloading the .ZIP file above gives us a .ZIP file within a .ZIP file within .ZIP file ... x1000 times!!!
And so we can just use a simple Bash Script that unzips file until no more zip files are found...
#!/bin/bash
while [ -n "$(ls .zip)" ]; do
files=.zip
for file in $files; do
echo "Unzipping $file..."
unzip -q "$file"
rm "$file"
done
done
It took 2-3 minutes to UNZIP All 999 files only to get 1 Image File at the end, this one:
I thought this was the correct answer to Forensics Problem #1 but when I inputted the flag above it gave me "INCORRECT FLAG". T_T
I then went into the link above (https://tinyurl.com/DefinitelyTheFlag) only for it to redirect me to a YOUTUBE LINK that plays WINDOWS EXP ERROR SONG which CLEARLY IS TRYING TO MOCK ME. LOL
I thought I might have missed one redirect page before the youtube link and so I checked ALL the redirect for the link above only to find it really only points to the WINDOWS XP ERROR Youtube Link.
I was honestly stuck for a good 30 minutes or so on this problem (No Hint on this one too), only to notice wayyyy lateeee that this is a FORENSICS Problem.
I then tried searching for "bcactf" inside the flag.png file and immediately found the flag. LOL
I then used ExifTool for easy copy paste of the FLAG. Lol XD
So yeah! What a FUN Forensics Problem. I for one did not expect that troll flag near the end. XD
Noice J well done :P
Your content has been voted as a part of Encouragement program. Keep up the good work!
Use Ecency daily to boost your growth on platform!
Support Ecency
Vote for Proposal
Delegate HP and earn more
An interesting task. Well done for deciding. I love similar tasks.