Writeup for HumanCTF 2018 by Magbanua Inc.
Munir, Sammy, Joseph and I did this challenge at the airport while waiting to board. We managed to get 1150 points and got 8th place in HumanCTF 2018. Here’s the writeup for the challenges:
Web: Meet the Überbank — 20 point
In order to get the flag, you just need to view the source of the homepage http://ctf.knastu.ru/webch/ and you will get the flag.
Flag : HumanCTF{ha57_du_3in3n_V3r7rag}
Web: What you have Tamed? — 50 point
There is a clue on the challenge description about “robot”. So, you just need to open http://ctf.knastu.ru/webch/robots.txt to get the flag.
Flag: HumanCTF{skynet_d035n7_pa55}
Web: Broken — 70 point
There is a clue in the challenge description about “admin”, so we guessed that we needed to check the admin path. After some guessing, we opened http://ctf.knastu.ru/webch/admin/ , viewed the source, and got the flag.
Flag: HumanCTF{wind0w_cl3an3r_w0rk5_wi7h_wind0w5}
Web: More than privacy — 80 point
When we open the privacy policy page, we notice something’s wrong with the URL (http://ctf.knastu.ru/webch/read?file=privacy.txt). The page shows the content of whatever file is requested in the GET file parameter. We requested flag.txt (http://ctf.knastu.ru/webch/read?file=flag.txt) and got the flag.
Flag: HumanCTF{n0b0dy_r3ad5_privacy}
Web: Deposit: Part I — 100 point
The challenge description gives us a clue that there are other deposits that aren’t shown on the website. When we open one of the deposits, we notice the deposit ID in the URL (http://ctf.knastu.ru/webch/deposits/1). We changed it to ID=3, because only 2 deposits were shown on the website, and got the flag. Link: (http://ctf.knastu.ru/webch/deposits/3)
Flag: HumanCTF{7ru57_m3_i_will_pay_y0u}
Web: Deposit: Part II — 120 point
The challenge description is the same as Deposit: Part I, so we think there must be other deposits hidden somewhere on the page. We viewed the source and found something fishy hidden in it.
var _0x5af3=['\x6c\x6f\x67','\x68\x74\x74\x70\x3a\x2f\x2f\x63\x74\x66\x2e\x6b\x6e\x61\x73\x74\x75\x2e\x72\x75\x2f\x77\x65\x62\x63\x68\x2f\x64\x65\x70\x6f\x73\x69\x74\x73\x2f\x73\x75\x70\x65\x72\x5f\x64\x65\x70'];(function(_0x542edf,_0x4a09aa){var _0x155d00=function(_0x1f0532){while(--_0x1f0532){_0x542edf['push'](_0x542edf['shift']());}};_0x155d00(++_0x4a09aa);}(_0x5af3,0x166));var _0x3578=function(_0x5c2172,_0x180f6e){_0x5c2172=_0x5c2172-0x0;var _0x4e4347=_0x5af3[_0x5c2172];return _0x4e4347;};function get_dep(){console[_0x3578('0x0')](_0x3578('0x1'));}
We decoded it in Python and got the hidden deposit link.
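Decoding that snippet, as an added example that is not part of the original writeup: this Python undoes the hex escapes in the string table, replays the array rotation performed by the self-invoking function, and inlines the accessor calls, so the hidden link falls out of the table. The script is embedded as a constructed copy of the one above.

```python
import re

# Constructed sample: the obfuscated script the writeup found in the page source.
OBFUSCATED_JS = (
    r"var _0x5af3=['\x6c\x6f\x67','\x68\x74\x74\x70\x3a\x2f\x2f\x63\x74\x66\x2e"
    r"\x6b\x6e\x61\x73\x74\x75\x2e\x72\x75\x2f\x77\x65\x62\x63\x68\x2f\x64\x65\x70"
    r"\x6f\x73\x69\x74\x73\x2f\x73\x75\x70\x65\x72\x5f\x64\x65\x70'];"
    r"(function(_0x542edf,_0x4a09aa){var _0x155d00=function(_0x1f0532){"
    r"while(--_0x1f0532){_0x542edf['push'](_0x542edf['shift']());}};"
    r"_0x155d00(++_0x4a09aa);}(_0x5af3,0x166));"
    r"var _0x3578=function(_0x5c2172,_0x180f6e){_0x5c2172=_0x5c2172-0x0;"
    r"var _0x4e4347=_0x5af3[_0x5c2172];return _0x4e4347;};"
    r"function get_dep(){console[_0x3578('0x0')](_0x3578('0x1'));}"
)

def decode_string_table(js):
    """Recover the string array: undo the hex escapes, then replay the rotation."""
    # The table is declared as  var _0xNAME=['...','...'];
    decl = re.search(r"var\s+(_0x[0-9a-f]+)=\[(.*?)\];", js)
    name, body = decl.group(1), decl.group(2)
    raw = re.findall(r"'((?:[^'\\]|\\.)*)'", body)
    table = [re.sub(r"\\x([0-9a-fA-F]{2})",
                    lambda h: chr(int(h.group(1), 16)), s) for s in raw]
    # The IIFE  (function(arr,n){...}(arr,0x166))  calls rotate(++n); its
    # while(--n) loop moves the first element to the end exactly 0x166 times.
    rot = re.search(r"\(" + re.escape(name) + r",(0x[0-9a-f]+|\d+)\)\)", js)
    k = int(rot.group(1), 0) % len(table)
    return name, table[k:] + table[:k]

def deobfuscate(js):
    """Return the string table and the script with every accessor call inlined."""
    name, table = decode_string_table(js)
    # The accessor is the function whose body indexes the table: _0xACC('0xN').
    acc = re.search(r"var\s+(_0x[0-9a-f]+)=function\([^)]*\)\{[^}]*"
                    + re.escape(name) + r"\[", js).group(1)
    resolved = re.sub(re.escape(acc) + r"\('(0x[0-9a-f]+|\d+)'\)",
                      lambda m: "'" + table[int(m.group(1), 0)] + "'", js)
    return table, resolved

def hidden_links(js):
    """Every http(s) URL that was hidden in the string table."""
    table, _ = deobfuscate(js)
    return [s for s in table if s.startswith(("http://", "https://"))]

if __name__ == "__main__":
    table, resolved = deobfuscate(OBFUSCATED_JS)
    print(table)
    print(resolved[resolved.index("function get_dep"):])
```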
Flag: HumanCTF{07h3rwi53_I_w0uld_n07_g37_rich}
Web: Hired! — 120 point
For this challenge, we guessed that the challenge must be at http://ctf.knastu.ru/webch/jobs/manage because we saw the /jobs/manage path in robots.txt and the challenge’s title is Hired!. After opening the URL, we checked the source but found nothing. Then we clicked apply and found that there is a GET request with an ID parameter.
After a while, we checked our cookies and found is_ueberadmin with value=0. We changed it to 1, refreshed, and got the flag.
Flag: HumanCTF{} # Don't be confused, the flag is empty!
Web: 5 types — 120 point
Based on its title, we check the About page of the challenge because it shows the founders of Überbank (http://ctf.knastu.ru/webch/about/). Similar to Deposit: Part I and Part II, based on the challenge description, we need to find a hidden profile on the page. After viewing the source, we found a new path in a script tag (http://ctf.knastu.ru/webch/about/get_rating.js). We opened that path and got the flag.
Flag: HumanCTF{ar3_y0u_a_7ruly_70l3ran7_with_flag5}
Reverse: Trash — 190 point
Coming soon…
Reverse: Old business — 250 point
Coming soon…