The question was to find the hidden flag in their webpage (http://tasks.2014.volgactf.ru:28101/).
Note: [Server is down, so I cannot fetch the exact question. Sorry about that.]
I really have no clue about web challenges, as I am not the guy at all. But I know the basics. Hence, as a challenge, with a blank mind I just looked at the login page.
I just logged in. I saw this.
Looking at it, it's evident that it's something about phpsessionid. Well, before this I had seen a comment in the HTML source page saying help.php, so I loaded http://tasks.2014.volgactf.ru:28101/help.php and saw this:
Well, I just wanted to test it, so I put the link with the phpsessionid when I logged in and submitted it. Now I just reloaded the logged-in page, and here I get the flag.
The flag taught me that it was a session fixation. Woot, learnt something new :-)
FLAG : Easy_task_on_Session_Fixation.
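The fixation described in the post, modelled as an added example (not part of the original post and not the challenge's code): a toy session store run with and without session ID rotation at login. The class and function names, the `privileged-user` label and the assumption that the help.php visitor authenticates under the session ID carried in the submitted link are all hypothetical; in PHP the rotation step corresponds to calling `session_regenerate_id(true)` after authentication.

```python
import secrets

class SessionStore:
    """Toy in-memory session store (constructed model, not the challenge's code)."""
    def __init__(self, rotate_on_login, strict_ids):
        self.rotate_on_login = rotate_on_login  # issue a fresh ID at login
        self.strict_ids = strict_ids            # refuse IDs the server never issued
        self.sessions = {}                      # session ID -> session data

    def open(self, presented_id=None):
        """Return the session ID the server uses for this request."""
        if presented_id in self.sessions:
            return presented_id                 # known ID: resume that session
        if presented_id and not self.strict_ids:
            self.sessions[presented_id] = {}    # permissive: adopt the client's ID
            return presented_id
        new_id = secrets.token_hex(16)          # otherwise mint an unguessable ID
        self.sessions[new_id] = {}
        return new_id

    def login(self, sid, user):
        """Authenticate the session and return the ID valid afterwards."""
        if self.rotate_on_login:
            data = self.sessions.pop(sid)       # the pre-login ID dies here
            sid = secrets.token_hex(16)
            self.sessions[sid] = data
        self.sessions[sid]["user"] = user
        return sid

    def whoami(self, sid):
        """User bound to this session ID, or None."""
        return self.sessions.get(sid, {}).get("user")

def fixation_outcome(store, planted=None):
    """A session ID known to a third party is carried into a login;
    return which user that same ID resolves to afterwards."""
    planted = planted or store.open()           # default: a server-issued ID
    victim_sid = store.open(planted)            # request arrives carrying that ID
    store.login(victim_sid, "privileged-user")
    return store.whoami(planted)

if __name__ == "__main__":
    # (rotate_on_login, strict_ids): no defence, strict IDs only, both
    for rotate, strict in [(False, False), (False, True), (True, True)]:
        print(rotate, strict, fixation_outcome(SessionStore(rotate, strict)))
```

Refusing unknown IDs alone does not help when the planted ID was issued by the server itself, as it was here after a normal login; only rotating the ID at login leaves the old ID unauthenticated.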
hello :D
I just didn't get the whole idea ??... How did you just log in?
Thanks
The design was like that.
1. If the user does not exist, it creates one with that username:password and logs you in with that user.
2. Else username:password should be correct.
Hope it answers your question.
I didn't get your question though :-/ It was just a login page which will register if you just give it a username and a password. The challenge was fixing the session using help.php, which was a clue through the source page.
well done!
You could also try with history.back() js and inspect element ( firebug, etc).
oh hmm.. thank u for an alternative way :-)