feat: added KnightCTF 2024

2024-01-21 22:40:28 +07:00 · 2024-01-21 22:40:28 +07:00 · 5d33959391
parent 41ae468327
commit 5d33959391
15 changed files with 86 additions and 0 deletions
--- a/2024/KnightCTF
+++ b/2024/KnightCTF
@ -0,0 +1,25 @@
+# Gain Access 1
+> The web challenges are very much similar to real life application bugs. This is going to be a series of Gain Access with 3 challenges unlocks upon solving one by one. By solving these challenges, you'll gain a practical knowledge of Authentication Bypass Vulnerabilites as well as business logic error. The only difference is you'll not get any bounty but you'll get flags. Give it a try. And keep in mind, Don't make it hard, keep it simple. All the best. Solve the challenges & be a cyber knight.
+
+## About the Challenge
+We got a website without the source code, and there are 2 functions here. First, we can login using an email and password
+
+![preview 1](images/preview-1.png)
+
+And then there's another function where we can reset a user password using an email
+
+![preview 2](images/preview-2.png)
+
+## How to Solve?
+The login feature is vulnerable to SQL injection, to bypass the login page we need to input this username and password:
+
+```
+U: ' or true-- -
+P: test
+```
+
+![flag](images/flag.png)
+
+```
+KCTF{ACc0uNT_tAk3Over}
+```
--- a/1/images/flag.png
+++ b/1/images/flag.png
--- a/1/images/preview-1.png
+++ b/1/images/preview-1.png
--- a/1/images/preview-2.png
+++ b/1/images/preview-2.png
--- a/2024/Kitty/README.md
+++ b/2024/Kitty/README.md
@ -0,0 +1,29 @@
+# Kitty
+> Tetanus is a serious, potentially life-threatening infection that can be transmitted by an animal bite.
+
+## About the Challenge
+We got a website without the source code, and on this website it looks like we need to bypass the login page
+
+![preview](images/preview.png)
+
+## How to Solve?
+The login page is vulnerable to SQL injection, to bypass the login page we need to input this username and password:
+
+```
+U: admin" or true-- -
+P: test
+```
+
+![bypass](images/bypass.png)
+
+And then inside the dashboard, there is another form where we can execute OS command
+
+![form](images/form.png)
+
+To obtain the flag, input `cat flag.txt`
+
+![flag](images/flag.png)
+
+```
+KCTF{Fram3S_n3vE9_L1e_4_toGEtH3R}
+```
--- a/2024/Kitty/images/bypass.png
+++ b/2024/Kitty/images/bypass.png
--- a/2024/Kitty/images/flag.png
+++ b/2024/Kitty/images/flag.png
--- a/2024/Kitty/images/form.png
+++ b/2024/Kitty/images/form.png
--- a/2024/Kitty/images/preview.png
+++ b/2024/Kitty/images/preview.png
--- a/2024/README.md
+++ b/2024/README.md
@ -0,0 +1,10 @@
+# KnightCTF 2024
+CTF writeup for KnightCTF 2024. I took part in this CTF competition with the HCS team and secured the 1st place out of 727 teams
+
+| Category | Challenge |
+| --- | --- |
+| Web | [README](/2024/KnightCTF%202024/README/)
+| Web | [Kitty](/2024/KnightCTF%202024/Kitty/)
+| Web | [Gain Access 1](/2024/KnightCTF%202024/Gain%20Access%201/)
+
+> I just created a writeup for web challenges
--- a/2024/README/README.md
+++ b/2024/README/README.md
@ -0,0 +1,22 @@
+# README
+> Read me if you can!!
+
+## About the Challenge
+We got a website without the source code, and on this website, we need to read the `flag.txt` file to obtain the flag.
+
+![preview 1](images/preview.png)
+
+In this case, we can't directly read the `flag.txt` file. Instead, we can only read the `text.txt` file.
+
+![preview 2](images/preview-2.png)
+
+![preview 3](images/preview-3.png)
+
+## How to Solve?
+At first, I thought we need to read the flag using a Path Traversal vulnerability. However, in order to access the flag, we must first bypass the 403 restriction by adding an HTTP proxy header
+
+![flag](images/flag.png)
+
+```
+KCTF{kud05w3lld0n3!}
+```
--- a/2024/README/images/flag.png
+++ b/2024/README/images/flag.png
--- a/2024/README/images/preview-2.png
+++ b/2024/README/images/preview-2.png
--- a/2024/README/images/preview-3.png
+++ b/2024/README/images/preview-3.png
--- a/2024/README/images/preview.png
+++ b/2024/README/images/preview.png