Tag Archives: ctf-web

CTF : 2018 : ReplyCTF : Web : CAPTCHAFLAG

Datele problemei:

M-am uitat in codul sursa si am vazut :
<!– HACKED VUVkYWRtTnRNR2RaVjA0d1lWYzVkVkJUU1hWTWVVa3JVRWRzZFdOSVZqQkpTRkkxWTBkVk9VbHVUakZaYlRGd1pFTkpaMkp0Um5SYVZEQnBZME5KWjJSdFJuTmtWMVU1U1cxNGRtSkRTV2RRYW5kMllWYzFkMlJZVVNzPQ== –>

Cand vad “=” imi sare gandul automat la base64 .. am folosit de 3 ori un decoder pentru el si am dat de stringul initial:

<form action=”./”><input type=”submit” name=”p” value=”lol” ></input> 

Am apelat URL-ul ?p=lol si am observat ca cele 3 imagini cu numere se schimba .. sunt intre 1 si 15 si .. in codul sursa se observa ca tot base64 e numele lor 🙂

Le-am luat pe toate 15 in ordine crescatoare si a reiesit stringul ..
Q29tZSBvbiBpdCBIHRvIG92ZXJjb214gY29uZ3JhdHVsYXRpb25zLCB5b3UndmUgZm91bmQgdGhlIGZpcnN0IGZsYWc6CntGTEc6MVRzNEwwTmdXNHlUMDdoM1QwcDFmWTBVVzRuTjRSMGNLblIwTEx9Ck5vdyB3aWxsIHlvdSBiZSBhYmxlIHRvIG92ZXJjb21lIHRoZSBuZXh0IGxldmVsPyA7KQ==

Pus tot pe base64decode.org ..
Come on it Hݙ\^ congratulations, you’ve found the first flag:
{FLG:1Ts4L0NgW4yT07h3T0p1fY0UW4nN4R0cKnR0LL}
Now will you be able to overcome the next level? 😉

Yuppy .. we have the flag 🙂 That was all folks!