Sep 21, 2020

4 min read

Cybertalents Quals : Saudi, Sudan, Egypt and Tunisia National CTF 2020 Write-Up

Hi , My name is Ahmed Magdy
This is frist write-up for my

Let’s go……

General Information

After search in (( al4y5 Google ))

The answer >> “ macro virus ” but the answer to submit “ macro ”

Let’s go solving the web challenge

1- Pr0mo ( Easy )

I don’t find any button so check the sourse code and i don’t find any thing again so

I check in case i find the cookies

I find this cookies
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJ1c2VyIjoiZ3Vlc3QifQ.-HH8XJLZbewaxQQkraUukPpThcOG9LUSIq7gxhlMF6s

After search in (( al4y5 google )) I find two attack in jwt

one of them Cracker Signature

So i use the tool jwt-secret

I find the secret key (123123)

and change the user from “guest” to “admin”

And i use the storage in tool inspet element and edite the new cookies

it was BrainFuck language .. So Let’s decode it

it is BrainFuck language .. So Let’s decode it

go to This website to decode the string

Flag: FLAG{JWT_I_Lik3_iT}

2-Red Alert 2.0 ( easy )

I check the sourse code and i find the js code but i don’t understand it at frist

so i tried the XSS Alert Payload

I tried <img src=1 onerror=alert(1)> but the payload not give my the alert but print the fake img

And i tried <video><source onerror=”alert(1)”> the payload give my the alert but don’t give my the flag

So i go to read the js code again and search in (( al4y5 Google )) about the Mutation XSS

I find the write-up for XSS in Google and find the payload

<noscript onkeyup=”alert(1)” contenteditable></noscript>

Flag: FLAG{Go0Gl3_XSs_XD}

3- Mystery (Medium)

I’m openning the source code, I find this herf MD5 hash

I tried decode it and I find meaning ( 1 ,, 5 ,, 66 )

So i’m makeing file have MD5 hash from (1) to (100) number and brute-force numbers with burp-suite and check the status (200)

the number 43 with status (200) and with a hash value “17e62166fc8586dfa4d1bc0e1742c08b” find the flag with it

Flag: flag{MD5-N0T-1337}

Digital Forensics

1- Images3c (Easy)

Download the file and unzip

I find this img :

I use the tool name steghide to check if the img have hide file

I find the file but i need pass for read it

I use the StegCracker to read it and use the wordlist handlin to crack the pass

The pass >> 1234

And your hide file name is cyber.jpg.out

Flag: flag{cyb3rs3cisaw3s0me}

Think you for your time

And finally, Thank you to read this writeup :D

Cybertalents Quals : Saudi, Sudan, Egypt and Tunisia National CTF 2020 Write-Up

Let’s go……

Let’s go solving the web challenge

Digital Forensics

More from Ahmed Magdy

Recommended from Medium

❤️#NFTPOSSION Update. #NFTP IEO session 2 on Vindax

Data Privacy Is No Longer An Option. It’s A Necessity

GSoC’20: The Honeypot Project with OWASP

{UPDATE} Dream Lands Hack Free Resources Generator

Solving Enterprise Data Breach with Turnkey Neobank Solutions

{UPDATE} Escape Game: Christmas Night Hack Free Resources Generator

SureCrypto Surpasses Softcap!

How Public Key Cryptography will continue to liberate a global society

Get the Medium app

Ahmed Magdy

More from Medium

TryHackMe — Pickle Rick

Good Game — HTB(write up)

KnightCTF-2022 Write-up

TryHackMe | Overpass 2 — Hacked