Ahmed Magdy

Sep 21, 2020

4 min read

Cybertalents Quals : Saudi, Sudan, Egypt and Tunisia National CTF 2020 Write-Up

Hi , My name is Ahmed Magdy

This is frist write-up for my

Let’s go……

General Information

After search in (( al4y5 Google ))

The answer >> “ macro virus ” but the answer to submit “ macro

Let’s go solving the web challenge

1- Pr0mo ( Easy )

pr0mo

I don’t find any button so check the sourse code and i don’t find any thing again so

I check in case i find the cookies

I find this cookies
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiZ3Vlc3QifQ.-HH8XJLZbewaxQQkraUukPpThcOG9LUSIq7gxhlMF6s

After search in (( al4y5 google )) I find two attack in jwt

one of them Cracker Signature

So i use the tool jwt-secret

I find the secret key (123123)

and change the user from “guest” to “admin”

And i use the storage in tool inspet element and edite the new cookies

it was BrainFuck language .. So Let’s decode it

it is BrainFuck language .. So Let’s decode it

go to This website to decode the string

Flag: FLAG{JWT_I_Lik3_iT}

2-Red Alert 2.0 ( easy )

I check the sourse code and i find the js code but i don’t understand it at frist

so i tried the XSS Alert Payload

I tried <img src=1 onerror=alert(1)> but the payload not give my the alert but print the fake img

And i tried <video><source onerror=”alert(1)”> the payload give my the alert but don’t give my the flag

So i go to read the js code again and search in (( al4y5 Google )) about the Mutation XSS

I find the write-up for XSS in Google and find the payload

<noscript onkeyup=”alert(1)” contenteditable></noscript>

Flag: FLAG{Go0Gl3_XSs_XD}

3- Mystery (Medium)

I’m openning the source code, I find this herf MD5 hash

I tried decode it and I find meaning ( 1 ,, 5 ,, 66 )

So i’m makeing file have MD5 hash from (1) to (100) number and brute-force numbers with burp-suite and check the status (200)

the number 43 with status (200) and with a hash value “17e62166fc8586dfa4d1bc0e1742c08b” find the flag with it

Flag: flag{MD5-N0T-1337}

Digital Forensics

1- Images3c (Easy)

Download the file and unzip

I find this img :

I use the tool name steghide to check if the img have hide file

I find the file but i need pass for read it

I use the StegCracker to read it and use the wordlist handlin to crack the pass

The pass >> 1234

And your hide file name is cyber.jpg.out

Flag: flag{cyb3rs3cisaw3s0me}

Think you for your time

And finally, Thank you to read this writeup :D

Ctf Writeup
Ctf
Ctf 2020

--

--

More from Ahmed Magdy

Interested in infosec || CTF Player || Pentester || Bug Hunter || Security Researcher

Recommended from Medium

Omidyar Network

in

Omidyar Network

Open Questions on Good ID: Can it be Measured?

0xdec4f

in

CORE Vault

coreDAO Security Audit & Public Review

Raf McDougall

{UPDATE} The Other Side: Tower of Souls Free Hack Free Resources Generator

Fienny Angelina

in

Code Like A Girl

Best Practice to Secure your WebHooks

Gagarin Launchpad

How To Connect CSC Wallet To GAGARIN?

Autonomous

in

#WorkSmarter

How to Protect Your Company Against Cyber Attacks

Dina Faxen

{UPDATE} Icontrivia : Guess the Superheroes Hack Free Resources Generator

CryptoDrops

Solster Finance x UPFI Network Airdrop Campaign - Prize Pool 20000 $UPS

AboutHelpTermsPrivacy

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Ahmed Magdy

Ahmed Magdy

100 Followers

Interested in infosec || CTF Player || Pentester || Bug Hunter || Security Researcher

Help

Status

Writers

Blog

Careers

Privacy

Terms

About

Text to speech