SHA2017 CTF Teaser round - Write-ups

Informations

Version

By Version Comment
noraj 1.0 Creation

CTF

  • Name : SHA2017 CTF Teaser round
  • Website : ctf.sha2017.org
  • Type : Online
  • Format : Jeopardy
  • CTF Time : link

The CTF was powered by the PHP Mellivora CTF platform/framework.

50 - Are You Safe - Web

SSL all the things! Start with your own webserver.

I need to create the file sha2017.ctf with djYEXGF3Nxay4OSq inside at the root of my website and have an A or A+ grade on Qualys SSL Labs in order to get the flag:

After Qualys SSL Labs scanned my website, I submited my URL and got an alert with Congrats, you are safe: flag{bb99d0e6fb089350af60504f49c7f2fa}.

100 - Follow Me - Web

We are tracking a hacker, can you help us track the hacker down and bring him to justice?

Here we need to Connect to this website from the last visited country, countries are randomly chosen and we need to do it 12 times (with the same cookie of course).

First I tried to change proxy, but proxy are hard to find for some countries and connections are dead most of the time.

So then I ask myself, I can't fake my IP address (because of proxy or VPN needed), website doesn't rely on browser geolocation, how to fake my location so? and finally found the answer X-Forwarded-For.

I have a French IP address, so instead of using all kind of proxies I'll do the reverse method:

  • I fake that I am a French HTTP Proxy provider
  • and use the HTTP header field X-Forwarded-For to fake a client IP adress using my fake proxy

So I use NirSoft Country IP list to find valid IP range/networks by country. So each time a country was asked, I found an IP address on NirSoft and then refreshed the challenge page adding X-Forwarded-For with the fake IP address. To do that I used Dolus Firefox plugin (also available on github) but it was possible to do I manually with a local proxy like Burp.

Here is my fake trip:

Flag was: flag{df2e914109f97c70d915cd9e3ab88b83}.

Share