Securinets Friendly CTF 2k22

My web Tasks for Securinets Friendly CTF 2k22

Intro

Securinets Friendly CTF is our very first CTF for 2022-2O23 academic year. It’s meant to be for early beginners without prior knowledge in order to introduce them to the field. This CTF was 5 days long and was launched after 4 hours Introduction To Cybersecurity training.
I’am really blessed with the huge amount of satisfaction and feedbacks that we received from the players.
Kudos to all the authors for the 113 creative and well structured challenges.

Stats

Web Writeups

I’am writing this for the people who asked about solutions, hope you find this helpful.

Task Name Solves
Welcome 155
Web Crawler 153
JW token 145
Request basics 1 135
LoGic? 113
NFT Marketplace 107
Request basics 2 106
Request basics 3 92
COOOOOOOOkiiie 86
XXdirect 74
Halt and Catch Fire 43
Tunisia 29

Eventhough the tasks are basic, all my web challs were well guided with source code available.

Welcome

NFT Marketplace

JW token

LoGic?

preg_replace() in php replaces only once.

Request basics 1

Request basics 2

Request basics 3

Web Crawler

COOOOOOOOkiiie

all you have to do is to delete the Cookie

Then, decode with cyberchef (online website)

XXdirect

You should notice that the Url changes from XXdirect.ctf.securinets.tn to redirect.ctf.securinets.tn

all you have to do is to see raw response from the first url

Halt and Catch Fire

Some players were trying to deobfuscate JS and ended up with a
single part of the flag, that’s nice but the intended solution
is to expose players to Browser debug mode.

Tunisia

The least solved one,

You should notice that whatever input in placeholder1 param gets injected in html code.

I already gave you the format of the injection with the attribute id=”placeholder2” to modify : all you have to do is to google how js is interacting with html and thus you’ll find the known js method : getElementById

Searching in Tunisia.js, you’ll find that if the div element isn’t “map”, there will be a console logging of the char “-“

solution : web.ctf.securinets.tn:7005/?placeholder1=<div id=”map”></div>

with base 64 decoding the secret is : GetElEmeNtById

flag : Securinets{GetElEmeNtById}

Conclusion

To all players who joined us, no matter what you solved, we are proud of you and we hope to see you soon in our upcoming workshops.
To all Tunisian Cybersecurity enthusiasts, reach us if you feel that we can help you, it’s our pleasure, we’re learning new stuffs everyday and we don’t mind sharing them with you.