Before starting the walkthrough, let me introduce myself. Hola! I am Suyog Patil from Tasgaon, India. I am a hacker, bug hunter, CTF player, a little bit of a developer, and a weeb. I am passionate about computers and the technology evolving around us. I am very glad that I am exploring and trying to hack the different technologies we are directly or indirectly connected to every day. This is my first write-up, so please ignore any grammar or other mistakes. To connect, check my website.
Let’s start…
1. Get the password
Flag statement
In this particular challenge they gave us a website protected by a username and password, like:
As usual I decided to view the page source, and as I thought, I got a link at the bottom of the page:
https%3A%2F%2Fgetthepassword-six.vercel.app%2Fasdfghjkl
This link is percent-encoded (URL encoding) to discourage users from simply visiting the site: %3A%2F%2F stands for :// and %2F for /. After decoding, our link looks like:
https://getthepassword-six.vercel.app/asdfghjkl
After visiting this link I reached a page like this:
Here we can see some encoded text. First we try to decode it. This is base64 encoding, so we have to decode it to move forward.
After decoding we got what is probably the password: l@k5hy@(tf
So if we look at the login page closely we can predict the username:
every player need to log in to get the flag.
In this line the username will be player because it is highlighted.
After using the username and password I tried to log in and …
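The two decoding steps above (a percent-encoded link hidden in the page source, then a base64 blob) are easy to do by hand once, but a small helper makes them repeatable. The following is an added example written for this write-up, not code from the challenge; SAMPLE_HTML and SAMPLE_BLOB are constructed stand-ins for the real page (the base64 blob encodes the made-up string "example-password", not the challenge's text), and the function names are my own.

```python
import base64
import re
from typing import List, Optional
from urllib.parse import unquote

# Constructed page source standing in for the challenge site's HTML; the commented
# link mirrors the one found in the real page, the rest is made up for the example.
SAMPLE_HTML = """<html><body>
<h1>Get the password</h1>
<!-- https%3A%2F%2Fgetthepassword-six.vercel.app%2Fasdfghjkl -->
</body></html>"""

# Constructed base64 blob (encodes "example-password"), not the challenge's real text.
SAMPLE_BLOB = "ZXhhbXBsZS1wYXNzd29yZA=="

# A scheme whose "://" has been percent-encoded, followed by URL-safe or
# percent-encoded characters. Plain "https://" links are deliberately not matched:
# they are visible to anyone and need no decoding.
ENCODED_LINK_RE = re.compile(r"https?%3A%2F%2F[A-Za-z0-9._~%-]+", re.IGNORECASE)


def find_encoded_links(html: str) -> List[str]:
    """Return every percent-encoded link in the page, decoded back to a normal URL."""
    return [unquote(m.group(0)) for m in ENCODED_LINK_RE.finditer(html)]


def try_base64(text: str) -> Optional[str]:
    """Decode a base64 string if it is valid and yields printable text, else None.

    validate=True rejects stray characters instead of silently skipping them, and
    the printable check filters out binary that merely happens to decode.
    """
    text = text.strip()
    if not text:
        return None
    try:
        raw = base64.b64decode(text, validate=True)
    except ValueError:  # binascii.Error is a subclass of ValueError
        return None
    try:
        decoded = raw.decode("ascii")
    except UnicodeDecodeError:
        return None
    return decoded if decoded.isprintable() else None


if __name__ == "__main__":
    for link in find_encoded_links(SAMPLE_HTML):
        print("hidden link:", link)
    print("decoded blob:", try_base64(SAMPLE_BLOB))
```

The printable check matters: a short string like "AAAA" is valid base64 but decodes to null bytes, and treating that as a password wastes a login attempt.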
3. Formatting Error
Flag statement
In this challenge they gave us a zip, so as always I extracted it and moved on to analysing the .txt file.
If you use the file command in Linux and give it the name of any file, it will tell you whether the extension is correct or not, because in most CTF challenges they play with extensions.
file attchment.txt
This command shows you the file's real nature and what it contains.
As I said, they play with extensions and names. From the file command I came to know the original extension of this txt file was pdf, so I changed the extension and checked for the flag. But bad luck.
I didn't know what had happened, so I went to ChatGPT for a new technique. And guess what.
I came across the tool called pdftotext. This tool simply converts the PDF to text, and the secret message came out in output.txt.
This challenge was easy but too confusing. But thanks to ChatGPT.
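What the file command does here is ignore the name and look at the leading bytes. The following added example (my own code, not the challenge's or the file utility's) does the same check for a handful of formats that turn up in CTF attachments and reports when the extension lies; SAMPLE_NAME and SAMPLE_DATA are a constructed stand-in for the renamed attachment, and the function names are my own.

```python
from pathlib import Path
from typing import List, Tuple

# Leading bytes ("magic numbers") of formats that often show up in CTF attachments.
MAGIC: List[Tuple[bytes, str]] = [
    (b"%PDF-", "pdf"),
    (b"PK\x03\x04", "zip"),
    (b"\x89PNG\r\n\x1a\n", "png"),
    (b"\xff\xd8\xff", "jpg"),
    (b"GIF87a", "gif"),
    (b"GIF89a", "gif"),
    (b"RIFF", "riff"),  # generic container (WAV, AVI); refined below
    (b"\x7fELF", "elf"),
]

# Extension spellings that mean the same format.
ALIASES = {"jpeg": "jpg"}


def sniff_type(data: bytes) -> str:
    """Identify a file by its leading bytes, the way `file` does, ignoring its name."""
    for signature, kind in MAGIC:
        if data.startswith(signature):
            if kind == "riff":
                return "wav" if data[8:12] == b"WAVE" else "riff"
            return kind
    # No known signature: call it text only if the first bytes are all printable
    # ASCII or whitespace, otherwise admit we do not know.
    head = data[:512]
    if head and all(b in b"\t\n\r" or 32 <= b < 127 for b in head):
        return "txt"
    return "unknown"


def check_extension(name: str, data: bytes) -> Tuple[str, str, bool]:
    """Return (claimed extension, sniffed type, mismatch flag) for a file name and its bytes."""
    claimed = Path(name).suffix.lstrip(".").lower() or "(none)"
    claimed = ALIASES.get(claimed, claimed)
    actual = sniff_type(data)
    return claimed, actual, claimed != actual


# Constructed sample: a file named like a text file whose bytes start with a PDF header.
SAMPLE_NAME = "attchment.txt"
SAMPLE_DATA = b"%PDF-1.4\n1 0 obj\n<< /Type /Catalog >>\nendobj\n%%EOF\n"

if __name__ == "__main__":
    claimed, actual, mismatch = check_extension(SAMPLE_NAME, SAMPLE_DATA)
    verdict = " -> extension lies, rename it before going further" if mismatch else ""
    print(f"{SAMPLE_NAME}: claims .{claimed}, content looks like {actual}{verdict}")
```

Once the real type is known, the rest of the step is exactly what the post does: rename the file and hand it to pdftotext (or the right viewer for that format).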
Mark my words, AI is far more dangerous. (Elon Musk)
TIP: Always consider ChatGPT the last option for clues.
4. Tag the song
Flag statement
In this challenge they provided one audio file. I don't know why, but I had read an article about an audio-file challenge write-up: mostly we have to find flags in the audio file by opening it in an audio editor and checking the ultrasonic sounds and all.
I decided to leave this challenge, but as a rule there are some commands used to find secret messages hidden in images, videos and audio files, so I decided to check one.
I used the strings command.
The strings command in steganography is a tool used to extract human-readable text strings from binary files. Here's a brief overview in five lines:
Function: the strings command extracts printable character sequences from binary files, often uncovering hidden messages or metadata embedded within them.
Usage: it's often employed to analyse files, such as images or executables, to reveal concealed information that is not immediately visible.
Scope: strings searches for sequences of characters that meet specific criteria, disregarding non-printable or irrelevant data.
Applications: It's frequently used in digital forensics, security analysis, and steganographic investigations to unveil covert messages or clues.
Output: The output of strings includes any human-readable text strings found in the file, offering insights into its contents or potential hidden content.
After analysing that audio file with the strings command, I got the flag.
TIP: No matter what the extension is, check whether there is any hidden message.
5. pearl harbour
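To show what strings is actually doing to that audio file, here is an added example that reimplements its core (runs of at least four printable ASCII bytes) and greps the result for a flag pattern. It is my own code, not the challenge's or GNU strings; build_sample_wav constructs a tiny WAV with the text tucked into a LIST/INFO comment chunk, and the flag value inside it is made up for the example.

```python
import re
import struct
from typing import List


def extract_strings(data: bytes, min_len: int = 4) -> List[str]:
    """Return runs of at least min_len printable ASCII bytes, like `strings -n 4`."""
    pattern = re.compile(rb"[\t\x20-\x7e]{%d,}" % min_len)
    return [m.group(0).decode("ascii") for m in pattern.finditer(data)]


def find_flags(data: bytes, flag_re: str = r"flag\{[^}]*\}") -> List[str]:
    """Grep the extracted strings for a CTF-style flag pattern."""
    pattern = re.compile(flag_re)
    hits: List[str] = []
    for s in extract_strings(data):
        hits.extend(pattern.findall(s))
    return hits


def build_sample_wav(hidden: bytes) -> bytes:
    """Construct a tiny 8-bit mono PCM WAV whose LIST/INFO comment carries `hidden`.

    The audio samples are synthetic; a real file would have the same chunk layout,
    which is why plain text survives inside what looks like binary audio.
    """
    pcm = bytes((i * 37 + 11) % 256 for i in range(64))  # synthetic samples
    fmt = struct.pack("<4sIHHIIHH", b"fmt ", 16, 1, 1, 8000, 8000, 1, 8)
    data_chunk = b"data" + struct.pack("<I", len(pcm)) + pcm
    pad = b"\x00" if len(hidden) % 2 else b""  # RIFF chunks are padded to even length
    comment = b"ICMT" + struct.pack("<I", len(hidden)) + hidden + pad
    list_chunk = b"LIST" + struct.pack("<I", 4 + len(comment)) + b"INFO" + comment
    body = b"WAVE" + fmt + data_chunk + list_chunk
    return b"RIFF" + struct.pack("<I", len(body)) + body


# Constructed sample file; the flag inside is made up for this example.
SAMPLE_WAV = build_sample_wav(b"flag{constructed_example_not_the_real_one}")

if __name__ == "__main__":
    for s in extract_strings(SAMPLE_WAV):
        print(repr(s))
    print("flags:", find_flags(SAMPLE_WAV))
```

Metadata chunks like ICMT are a legitimate part of the format, which is why a player or an audio editor shows nothing unusual while strings finds the text immediately; the same holds for EXIF comments in images and ID3 tags in MP3s.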
If you read the challenge you will understand it's a puzzle. But they said the flag is in message.wav or riddle.txt.
But after extracting, the folder had three files. Then I decided to open the pdf, but it was protected by a password.
After googling I came to know this is a common kind of CTF challenge: to solve it I should crack the password by brute forcing.
I used John the Ripper, the world-famous hacker tool.
John the Ripper is a powerful password cracking tool known for its versatility and effectiveness in recovering passwords. Here's a brief explanation in five lines:
Functionality: John the Ripper is a command-line tool designed for cracking password hashes using various attack methods, including dictionary, brute-force, and hybrid attacks.
Hash Types: It supports a wide range of hash types, including UNIX, Windows, and more, making it compatible with many password storage mechanisms.
Customization: Users can customize attack parameters, such as wordlists, mangling rules, and attack modes, to optimize the cracking process for specific scenarios.
Performance: John the Ripper is highly optimized and can exploit multi-core CPUs and GPU acceleration, enabling fast and efficient password cracking.
Applications: It is widely used by security professionals, penetration testers, and forensic analysts to assess the strength of passwords and enhance overall security posture.
First we have to convert the protected pdf to a hash using the pdf2john tool, and then crack that hash with John the Ripper. We have to provide a wordlist to the tool for cracking. If you are using Kali Linux there is a world-famous wordlist called rockyou.txt in Kali which contains nearly 14,341,564 unique passwords.
After successfully cracking the hash we got the password: kamakazi.
“The creator of this challenge should be an Eminem fan; that’s why he chose this password.”
After using the password we can access the pdf and get the flag.
TIP: If you see that a file is protected by a password, use the John the Ripper tool.
8. Log In If You Can
After reading the problem statement I went to the website. There was just a login function.
So as usual I checked the source code for any leading information about the flag, but nothing else was there. After trying all my methods, SQLi came to mind, so I went to SQLi payloads.
And tried to bypass the admin panel, and did it successfully.
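The pdf2john-then-john step above boils down to a dictionary attack: hash each wordlist entry and compare it with the target. The following added example (my own code, not part of the post or of John the Ripper) shows that core loop on a constructed six-entry wordlist. Two assumptions to note: plain SHA-256 stands in for the PDF-specific hash that pdf2john produces, and the WORDLIST, iter_wordlist and crack_hash names are mine.

```python
import hashlib
from typing import Iterable, Iterator, Optional

# Constructed mini wordlist standing in for rockyou.txt (which has millions of entries).
WORDLIST = ["123456", "password", "iloveyou", "kamakazi", "qwerty", "letmein"]


def sha256_hex(password: str) -> str:
    """Hash a candidate with a fast, unsalted hash (a stand-in for the PDF's real scheme)."""
    return hashlib.sha256(password.encode("utf-8")).hexdigest()


def iter_wordlist(path: str) -> Iterator[str]:
    """Stream a wordlist file line by line instead of loading it all into memory.

    rockyou.txt contains bytes that are not valid UTF-8, so decode as latin-1,
    which never fails, rather than crashing part-way through.
    """
    with open(path, "r", encoding="latin-1") as fh:
        for line in fh:
            yield line.rstrip("\n")


def crack_hash(target_hex: str, candidates: Iterable[str]) -> Optional[str]:
    """Dictionary attack: hash every candidate and compare with the target.

    Returns the matching password, or None once the candidates are exhausted.
    This is the loop john runs at scale, with rules and GPU code on top.
    """
    for word in candidates:
        if sha256_hex(word) == target_hex:
            return word
    return None


# The password recovered in the challenge, hashed here only for the demonstration.
SAMPLE_HASH = sha256_hex("kamakazi")

if __name__ == "__main__":
    print("cracked:", crack_hash(SAMPLE_HASH, WORDLIST))
    # With a real wordlist: crack_hash(SAMPLE_HASH, iter_wordlist("/usr/share/wordlists/rockyou.txt"))
```

The defender's reading of this loop is the important one: a password that appears anywhere in a public wordlist is recovered in one pass regardless of its length, so the fix is choosing secrets that are not in such lists, not hoping the attacker lacks the tool.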
SQL Injection (SQLi):
SQL injection is a type of security vulnerability that occurs when an attacker is able to inject malicious SQL code into a web application's SQL query.
It typically happens when user input is not properly sanitized or validated before being included in SQL queries, allowing attackers to manipulate the queries' logic.
SQL injection attacks can result in unauthorized access to sensitive data, modification of database records, and even complete control over the web application and its underlying server.
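To make the three points above concrete, here is an added example (my own code, not the challenge site's) of a login check written the vulnerable way beside the parameterised version, run against an in-memory SQLite table. The users table, the admin account and its password are constructed for the example, and the function names are mine.

```python
import sqlite3


def setup_db() -> sqlite3.Connection:
    """In-memory users table with one constructed account.

    A real application stores a salted password hash, never the password itself;
    the plain-text column is kept only so the injection is easy to follow.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT NOT NULL, password TEXT NOT NULL)")
    conn.execute("INSERT INTO users VALUES ('admin', 'correct-horse-battery')")
    conn.commit()
    return conn


def login_vulnerable(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """User input is pasted into the SQL text, so the input can rewrite the query."""
    query = (
        f"SELECT COUNT(*) FROM users WHERE username = '{username}' "
        f"AND password = '{password}'"
    )
    return conn.execute(query).fetchone()[0] > 0


def login_safe(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Parameterised query: the driver sends values separately from the SQL text,
    so quotes and keywords in the input are just characters to compare."""
    query = "SELECT COUNT(*) FROM users WHERE username = ? AND password = ?"
    return conn.execute(query, (username, password)).fetchone()[0] > 0


# The textbook tautology payload: closes the string and adds an always-true clause,
# turning the WHERE into (username = 'admin' AND password = '') OR '1'='1'.
PAYLOAD = "' OR '1'='1"

if __name__ == "__main__":
    db = setup_db()
    print("vulnerable, payload:", login_vulnerable(db, "admin", PAYLOAD))  # True
    print("safe, payload:", login_safe(db, "admin", PAYLOAD))  # False
    print("safe, real creds:", login_safe(db, "admin", "correct-horse-battery"))  # True
```

The difference is not input filtering: login_safe does no sanitising at all, it simply never lets the data become part of the query text, which is why parameterised queries are the standard fix rather than blacklisting quotes.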