NullCON #ackIm CTF 2017 Write-UP(Web-1)
we are always excited for #ackIm CTF.
I was palying this CTF from 2k12. and This is the one of the best CTF I ever play.so lets not waste time and start the Journey.
When you login to Portal you find the below details.
Obliviously the first step Is to Hit the WEB challenge coz I assume that it will be easy but that assumption got killed bruatally.
So the challange was
Chris Martin wants to go home. Can you help him get there as soon as possible?
after looking source code I notice that my scroll bar is too long
In The End i think I Found the Flag
it was base64 sting which gives the md5 hash
Base64 -->; MD5 -->; Coldplayparadise.
This Time I was sure that this must be username/password.
When i put this as username password.
It Gives me
Mismatch in host table! Please contact your administrator for access. IP logged.
A quick idea to add X-Forwded-For: 127.0.0.1 will give you the first flag.
And The Flag is
The flag is: 4f9361b0302d4c2f2eb1fc308587dfd6
Yay so Finally we did it.
hope you understand that how my first assumption got brutally Killed.