feat: added Rush CTF 2023

2023-03-12 06:49:54 +07:00 · 2023-03-12 06:49:54 +07:00 · 4194b10cda
parent 865174bf56
commit 4194b10cda
14 changed files with 102 additions and 1 deletions
--- a/README.md
+++ b/README.md
@ -20,4 +20,5 @@ List of CTF events that i have joined before
 | Cyber Security Challenge Germany 2023 | 02 March, 00:00 WIB — 02 May 2023, 00:00 WIB | Soon |
 | CTF After Dark - Winter 2023 | 02 March, 09:00 WIB — 09 March 2023, 11:00 WIB | [Link](/CTF%20After%20Dark%20-%20Winter%202023/) |
 | KalmarCTF 2023 | 04 March, 00:00 WIB — 06 March 2023, 00:00 WIB | [Link](/KalmarCTF%202023/) |
-| Nullcon HackIM CTF 2023 | 09 March, 18:00 WIB — 10 March 2023, 18:00 WIB | [Link](/Nullcon%20HackIM%20CTF%202023/) |
+| Nullcon HackIM CTF 2023 | 09 March, 18:00 WIB — 10 March 2023, 18:00 WIB | [Link](/Nullcon%20HackIM%20CTF%202023/) |
 | Rush CTF 2023 | 11 March, 17:00 WIB — 12 March 2023, 05:00 WIB | [Link](/Rush%20CTF%202023/) |
--- a/2023/Blog/README.md
+++ b/2023/Blog/README.md
@ -0,0 +1,28 @@
 # Blog
 > Hey what do you think about my blog?
 ## About the Challenge
 We have been given a plain website that contains a blog
 ![preview](images/preview.png)
 ## How to Solve?
 If we check one of the post, the endpoint will looks like this
 ![post](images/post.png)
 ```
 http://challs.ctf.cafe:5555/post.php?page=post1.html
 ```
 So I tried to to change the `post1.html` value to another file, for example `/etc/passwd`.
 ![test](images/test.png)
 Unfortunately, we can't check the `passwd` file because we still inside the `posts` directory. We can use `../` or dot dot slash to go to `/` directory and then read the `passwd` file
 ![flag](images/flag.png)
 ```
 RUSH{LF1_1S_SO_3Z_F0R_M3}
 ```
--- a/2023/Blog/images/flag.png
+++ b/2023/Blog/images/flag.png
--- a/2023/Blog/images/post.png
+++ b/2023/Blog/images/post.png
--- a/2023/Blog/images/preview.png
+++ b/2023/Blog/images/preview.png
--- a/2023/Blog/images/test.png
+++ b/2023/Blog/images/test.png
--- a/v2/README.md
+++ b/v2/README.md
@ -0,0 +1,19 @@
 # Miss Bardot v2
 > To some she was an icon, to others she was a sheperd, I need you to find the one that's already gone.
 > Flag2: You will need to go inside her to complete the flag.
 > RUSH{ON_____NT__}
 ## About the Challenge
 After we know this chall is about `MV Brigitte Bardot` chall. We need to go inside the ship and find the flag
 ## How to Solve?
 I got the flag by using YouTube video about `MV Brigitte Bardot`. You can check the YouTube video [here](https://youtu.be/2dSzo1DZin4?t=707)
 ![youtube](images/youtube.png)
 In top of the video, there is a string that match with the flag format
 ```
 RUSH{ON50892NT29}
 ```
--- a/v2/images/youtube.png
+++ b/v2/images/youtube.png
--- a/v3/README.md
+++ b/v3/README.md
@ -0,0 +1,19 @@
 # Miss Bardot v3
 > To some she was an icon, to others she was a sheperd, I need you to find the one that's already gone.
 > Flag3: Name of the Vegan Cookbook they have.
 > RUSH{ALLCAPSVEGANCOOKBOOK}
 ## About the Challenge
 After we know this chall is about `MV Brigitte Bardot` chall. We need to know the vegan cookbook they have
 ## How to Solve?
 I got the flag by using YouTube video about `MV Brigitte Bardot`. You can check the YouTube video [here](https://youtu.be/2dSzo1DZin4?t=673)
 ![youtube](images/youtube.png)
 In the table, there is a vegan cookbook
 ```
 RUSH{BETTYGOESVEGAN}
 ```
--- a/v3/images/youtube.png
+++ b/v3/images/youtube.png
--- a/Bardot/README.md
+++ b/Bardot/README.md
@ -0,0 +1,23 @@
 # Miss Bardot
 > To some she was an icon, to others she was a sheperd, I need you to find the one that's already gone.
 > Flag1: Who made her and what's her flag?
 > RUSH{ALLCAPSBUILDERNAMEFLAG}
 ## About the Challenge
 We need to know what `Miss Bardot` is and then find the builder name and the flag
 ## How to Solve?
 I got the solution because one of the team member give me a link about `MV Brigitte Bardot` on a group chat
 ![chat](images/chat.png)
 And after searching on wikipedia, I know the builder name is `Vosper Thornycroft` and the flag is `Australia`, but when I submit the flag, the flag was wrong. So i opened the ticket and I told them what i have found before they said the builder name is correct but the flag is wrong.
 I tried to doing a little search again about the flag, and I found some website said `MV Brigitte Bardot` flag is `Dominica`
 ![flag](images/flag.png)
 ```
 RUSH{VOSPERTHORNYCROFTDOMINICA}
 ```
--- a/Bardot/images/chat.png
+++ b/Bardot/images/chat.png
--- a/Bardot/images/flag.png
+++ b/Bardot/images/flag.png
--- a/2023/README.md
+++ b/2023/README.md
@ -0,0 +1,11 @@
 # Rush CTF 2023
 CTF writeup for Nullcon Rush CTF 2023. I took part in this CTF competition with the TCP1P team, and got 11th place out of 100 teams
 Thanks to the TCP1P team especially @dimasma0305 and @dRe
 | Category | Challenge
 | --- | --- |
 | Web | [Blog](/Rush%20CTF%202023/Blog/)
 | Osint | [Miss Bardot](/Rush%20CTF%202023/Miss%20Bardot/)
 | Osint | [Miss Bardot v2](/Rush%20CTF%202023/Miss%20Bardot%20v2/)
 | Osint | [Miss Bardot v3](/Rush%20CTF%202023/Miss%20Bardot%20v3/)