VULNCON CTF 2020
Recently I participated in Vulncon CTF, So let’s see how I was able to solve a few challenges.
Web
1. Maze
So Let’s Open Given Link
So nothing interesting here. So in a challenge, they mentioned we can use gobuster so let’s check for some hidden directories. [ i have used dirsearch tool]
So we found one hidden URL: /projects/. So let’s visit that page.
So nothing interesting let’s look at source code.
So we can see one path is given in the HTML page as a comment so let’s visit it.
we have one QR code. let’s decode it.
So in the URL we can see “http://maze.noobarmy.org/projects/justsomerandomfoldername/image-0.png” it ends with “image-0” and on the previous page, it mentioned that author loves 27 so I visited the following page.
http://maze.noobarmy.org/projects/justsomerandomfoldername/image-27.png
So again I got a QR code and when then I decoded it. I was given one number “13”
So again I changed the URL to “image-13” and again the new QR code was there.
So this time I used the “wget” tool to download this QR code and in the “wget” result I found some interesting results.
We have one Base64 string. “aWh5YXBiYXtqQCRfN3UxJF8zaTNhX0BfajNvX3B1QHl5M2F0Mz99”
So let’s decode it.
So we are near to flag. So this string looks like ROT13. Let’s do ROT-13
Yaaaaaaaaaaas. we solved this challenge.
Flag: vulncon{w@$_7h1$_3v3n_@_w3b_ch@ll3ng3?}
Apart from this challenge I was able to solve the following challenges.
- All I know was zip
- Pcaped
- Find The Coin
But this web challenge was most interesting.
