-------------CTF WEB CHALLENGE-------

This is the place for ALL of the user submitted challenges. If you create a little challenge/mission/riddle/whatever, post it here.
Forum rules
Do not post missions that you did NOT create without proper citing.

-------------CTF WEB CHALLENGE-------

Post by JayKumarDutta_CTF on Sat Jan 16, 2016 12:21 pm
([msg=91301]see -------------CTF WEB CHALLENGE-------[/msg])

Hello,

I am presently in a CTF competition where I need to solve ::


EXPLOIT THIS WEBSITE: 103.10.24.99:5006

HINT:: WEB IS A TOUGH PROBLEM WHICH NEEDS RIGHT MEDICINE TO CURE

THANKS... :) :)
JayKumarDutta_CTF
New User
New User
 
Posts: 9
Joined: Sat Jan 16, 2016 12:13 pm
Blog: View Blog (0)


Re: -------------CTF WEB CHALLENGE-------

Post by -Ninjex- on Sun Jan 17, 2016 9:08 am
([msg=91307]see Re: -------------CTF WEB CHALLENGE-------[/msg])

This isn't a user submitted challenge...
With that aside, I did some testing and I ended up with the following image

Image

What CTF event is this for, I would like an official page to test flags on and so I can see what the flag should look like.
image
For those that know
K: 0x2CD8D4F9
User avatar
-Ninjex-
Moderator
Moderator
 
Posts: 1691
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: -------------CTF WEB CHALLENGE-------

Post by JayKumarDutta_CTF on Sun Jan 17, 2016 11:24 am
([msg=91309]see Re: -------------CTF WEB CHALLENGE-------[/msg])

So that is the image you uploaded??? Or you got it by exploiting???

Well, lemme tell you #Ninjex thanks for trying it.......

The CTF event has normal flags just like flag{java_is_not_just_coffee} or flag{rsa_is_awesome}


So tell me could you exploit it??


You cannot test the flag as the CTF event's registration is closed now and only registered users can open their account....

IF YOU EXPLOITED, PLEASE TELL ME HOW TO DO SO... :D :D :D

-- Sun Jan 17, 2016 9:34 pm --

SEEMS WE NEED TO DCODE THAT IMAGE....
JayKumarDutta_CTF
New User
New User
 
Posts: 9
Joined: Sat Jan 16, 2016 12:13 pm
Blog: View Blog (0)


Re: -------------CTF WEB CHALLENGE-------

Post by -Ninjex- on Sun Jan 17, 2016 9:38 pm
([msg=91312]see Re: -------------CTF WEB CHALLENGE-------[/msg])

I'm aware

I've removed all of your other posts because they do not adhere to our rules and policies.

Forum rules
Do not post missions that you did NOT create without proper citing.


You still haven't cited the challenge correctly. I'll keep this up for some time, but if it doesn't get cited soon, I'll have to remove it as well.
image
For those that know
K: 0x2CD8D4F9
User avatar
-Ninjex-
Moderator
Moderator
 
Posts: 1691
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: -------------CTF WEB CHALLENGE-------

Post by JayKumarDutta_CTF on Mon Jan 18, 2016 5:27 am
([msg=91315]see Re: -------------CTF WEB CHALLENGE-------[/msg])

The CTF PAGE- junior.inctf.in
JayKumarDutta_CTF
New User
New User
 
Posts: 9
Joined: Sat Jan 16, 2016 12:13 pm
Blog: View Blog (0)


Re: -------------CTF WEB CHALLENGE-------

Post by -Ninjex- on Mon Jan 18, 2016 7:39 am
([msg=91317]see Re: -------------CTF WEB CHALLENGE-------[/msg])

Thank you. I'll probably play around with this more when I have time. The injection was pretty simple to get the image. From quick stabs at it, I'm not really seeing any stego off the bat or other hidden files like zips/tars inside it
image
For those that know
K: 0x2CD8D4F9
User avatar
-Ninjex-
Moderator
Moderator
 
Posts: 1691
Joined: Sun Sep 02, 2012 8:02 pm
Blog: View Blog (0)


Re: -------------CTF WEB CHALLENGE-------

Post by JayKumarDutta_CTF on Mon Jan 18, 2016 11:47 am
([msg=91318]see Re: -------------CTF WEB CHALLENGE-------[/msg])

How did you inject it??



And we have to also find how to decode this file..

PS :: I tried decoding unstegging it by using Camouflage but it required some password. DO YOU THINK THAT YOU KNOW THE PASSWORD??



Hey Ninjex, the problem is that the website [IMGUR] where you have uploaded the image erased it's cryptic data. So, you should upload the image you got on Zippyshare as it doesn't delete the cryptic data....

PLEASE UPLOAD THERE.... :mrgreen: :mrgreen: :mrgreen: :D :D :D
JayKumarDutta_CTF
New User
New User
 
Posts: 9
Joined: Sat Jan 16, 2016 12:13 pm
Blog: View Blog (0)


How to desteg this image?

Post by JayKumarDutta_CTF on Wed Jan 20, 2016 5:37 am
([msg=91339]see How to desteg this image?[/msg])

Hey guys,
I have got an image that I need to desteg. I need to do anything to find a flag in the image. [ like flag{abcde}] and I am unable to see what to do.....

Image

Please help...
JayKumarDutta_CTF
New User
New User
 
Posts: 9
Joined: Sat Jan 16, 2016 12:13 pm
Blog: View Blog (0)


Re: How to desteg this image?

Post by Jbraithwaite on Wed Jan 20, 2016 6:35 am
([msg=91340]see Re: How to desteg this image?[/msg])

I don't know about destegging but I do know images, and you need to be careful about where you host the image as it can strip data from the image. Might be a clue as to why you can't find anything in it. IF the basic EXIF data has been stripped, it might be a hint that other things have been stripped too. Just a thought.

A link to the original image might help people more as it might retain the data in the file.
In training....
Jbraithwaite
Poster
Poster
 
Posts: 198
Joined: Tue Nov 10, 2015 4:35 am
Location: Whatever my VPN says.
Blog: View Blog (0)


Re: How to desteg this image?

Post by JayKumarDutta_CTF on Wed Jan 20, 2016 6:40 am
([msg=91341]see Re: How to desteg this image?[/msg])

It's EXIF data exists....


It is a Huffman Coding file...


WHAT TO DO NOW???
Last edited by JayKumarDutta_CTF on Wed Jan 20, 2016 6:48 am, edited 1 time in total.
JayKumarDutta_CTF
New User
New User
 
Posts: 9
Joined: Sat Jan 16, 2016 12:13 pm
Blog: View Blog (0)


Next

Return to User Submitted

Who is online

Users browsing this forum: No registered users and 0 guests