DarkCTF | WEB Challenge — writeup

Recently i participated in pre-CTF organised by DarkArmy. I found web challenges interesting. So here is how i able to solve 2 web challenges.

Challenge 1 : Web/Mr. Robot

Mr. Robot

Firstly i opened the given link and i found interesting welcome page.

Homepage

When i did view-page-source i found “hellofriend.mov | Mr. Robot” video was embedded in the webpage.

page view source

Nothing Interesting here.

So challenge name is “Mr.Robot” so i thought let’s try to find robots.txt file.

robots.txt file

So we found “l33t_hax0r.html”.

So next step i did is open “http://mr-robot.darkarmy.xyz//l33t_hax0r.html

l33t_hax0r.html page

Flag : darkCTF{maybe_i_should_give_you_a_name}

Challenge 2 : Web/Puzzle

Web/Puzzle

“Slove puzzle and you will get your flag. puzzle.darkarmy.xyz”

So initially i thought challenge will be somewhat around “PUZZLE”. So i visited given link.

Image Puzzle

So i was right. It’s look like we need to rearrange whole image. Initially i thought let me rearrange whole image and let me find flag. But i realize that it’s WEB challenge so there will be some other way.

So i started to looking in “page-source” of the webpage.

View-Source

Firstly i didn’t find any useful thing. So i started to looking all files one by one.

After Few minutes i found “main.js” file.

main.js file

After reading all code. I found one path ‘xyz/xyz/xyz/abc.jpg’. So i appended that path with main URL.

abc.jpg

YAAAAAS. We found image that contain flag.

Flag : darkCTF{0p3n_y0ur_m1nd_b3c4u53_wh4t_y0u_see_sometime_not_real}

Note : In CTF we need to see all files and code carefully. we can get flag in few minutes.

Really i enjoyed DarkCTF. Thanks DarkArmy for organizing this Pre-CTF.

Pursuing M. Tech. in Cyber Security and Incident Response. #LoveToPlayCTF #infosec #cybersecurity