fix: wrong link and wrong title

24h@CTF 2023/Blue's Clues 5 Initial Access/README.md

@@ -1,4 +1,4 @@
-# Welcome!
+# Blue's Clues 5/8: Initial Access
 > The web server?? How did the threat actor get access to the web server? Surely we have logs for that... It hosts a simple PHP website, nothing complex.
 
 > Find the malicious file.

24h@CTF 2023/Blue's Clues 7 Tunnel/README.md

@@ -1,4 +1,4 @@
-# Welcome!
+# Blue's Clues 7/8: Tunnel
 > Okay. Let's recap. The web server somehow got exploited, and a webshell was uploaded. The webshell allowed for commands to be executed. A reverse-shell was launched. A gitlab user was created. The gitlab user created a malicious pipeline.
 
 > Using this search in analytics>discover: host.hostname :"Rezifp-GitLab-Server" and gitlab.meta.remote_ip:10.0.0.5 and gitlab.ua:* And going into the "field statistics" tab, we can see that there are two user agents: curl and firefox, that made queries to our gitlab from the web server. However, firefox is not installed on the web server. There must be a tunnel/socks proxy that was created. Find the command line that created that tunnel.

BYUCTF 2023/Legoclones 2/README.md

@@ -1,4 +1,4 @@
-# Legoclones 3
+# Legoclones 2
 > Wow, this wiki is so old, it wasn't even captured by the Wayback Machine until a few years after it had started to flourish. Can you figure out the exact date and time the wiki was created? There may be somewhat reputable sources with a date listed, but in an effort to force you to find an authoritative, reputable source, I'm also requiring you to find the time it was created too. Because I'm too lazy to worry about timezones, the flag is only the minute of when it was created.
 
 > For example, if you found the wiki was created at 01:23, then the flag is byuctf{23}.