feat: added texsaw 2023

TexSAW 2023/Ancient Methods/README.md

@@ -0,0 +1,14 @@
+# Ancient Methods
+> I have encrypted an article using a substitution cipher. Can you break it and find the key within the article?
+
+## About the Challenge
+We have been given an encoded message (You can download the file [here](substitution.txt))
+
+## How to Solve?
+To solve this chall, im using `Monoalphabetic Substition Decoder` (You can use this [website](https://www.dcode.fr/monoalphabetic-substitution)).
+
+![flag](images/flag.png)
+
+```
+TEXSAW{YOUDIDAGREATJOB}
+```

TexSAW 2023/Ancient Methods/substitution.txt

@@ -0,0 +1 @@
+sfqgaplvfsuvpup mxif ysaes pvslf umf um lfsuqgc umxu laggfpraskvst gftvasp an umf wfnu xsk gvtmu mfzvprmfgfp an umf hgxvs kasu xwexcp rfgnagz umf pxzf nqsluvasp vzxtvst puqkvfp mxif zagf gflfsuwc kalqzfsufk umvp wxufgxwvoxuvas vs umf lasufdu an lmgasvl rxvs prflvnvlxwwc vs umf xzctkxwx emfgf fzauvasxw rgalfppvst xwpa allqgpx ufxz an gfpfxglmfgp wfk hc kg hfsfkvlu yawhfg xppalvxuf rganfppag an sfqgaplvfslf vs umf plmaaw an hfmxivagxw xsk hgxvs plvfslfp xu umf qsvifgpvuc an ufdxp xu kxwwxp mxp kfzaspugxufk vs zvlf umxu x pvstwf sfqgarfruvkf mxp arrapvuf fnnflup as lmgasvl hwxkkfg rxvs emfs umf zawflqwf vp xluvif vs zxulmvst gftvasp an arrapvuf mfzvprmfgfp an umf hgxvs umf gfpfxglm exp rqhwvpmfk vs umf nfh  rgvsu vppqf an umf jaqgsxw hvawatvlxw rpclmvxugcumvp nvskvst vp rxguvlqwxgwc pugvyvst  vup nwvr pvkfp an umf pxzf lavs pxvk yawhfg ema vp laggfpraskvst xqumag an umf puqkc xsk vp xnnvwvxufk evum umf lfsufg nag xkixslfk rxvs puqkvfp xu quk vup hvoxggf vu prfxyp ua umf nwfdvhvwvuc an sxuqgxw pcpufzp emvwf vs zxsc lxpfp umfgfp gfkqskxslc umfgf lxs xwpa hf prflvxwvoxuvas umxu fiawifpyawhfgp ufxz laskqlufk vup puqkc as x zaqpf zakfw an hwxkkfg rxvs emfs umf gfpfxglmfgp vsugakqlfk umf rgaufvs lxwlvuasvs tfsfgfwxufk rfruvkf ltgr ua umf xsvzxwp xzctkxwxf umfc naqsk umxu ltgr xkzvsvpufgfk vs umf gvtmu pvkf vslgfxpfk hfmxivagxw pvtsp an hwxkkfg rxvs hqu emfs xkzvsvpufgfk vs umf wfnu pvkf vu kflgfxpfk rxvswvyf hfmxivag vs umf hwxkkfgumfgf xgf aumfg fdxzrwfp vs umf xzctkxwx an pvuqxuvasp vs emvlm asf pvkf mxp x prflvxwvofk gflfruag umxu vslgfxpfp rxvs xsk umf aumfg pvkf kafpsu ka xscumvst hqu sasf evum laqsufgxluvif fnnflup wvyf umvp yawhfg pxvk ltgr vp kgvivst rxvs as umf gvtmu pvkf xsk gfkqlvst rxvs as umf wfnuwfxk xqumag kg mfxumfg xwwfs x qu kxwwxp ivpvuvst plmawxg xsk x rapukaluagxw xppalvxuf xu sfe cagy qsvifgpvuc pxvk umxu wxufgxwvoxuvas vp anufs vtsagfk vs rxvs gfpfxglmmfgf ef kfzaspugxuf umxu hwxkkfg rxvs  ivplfgxw rxvs vs x lfsugxwwc walxufk agtxs  vp rgalfppfk kvnnfgfsuwc as umf wfnu xsk gvtmu pvkfp an umf hgxvs pmf pxvk vn ef mxk nalqpfk as aswc asf pvkf an umf xzctkxwx ef eaqwk mxif lazrwfufwc zvppfk aqu as kvplaifgvst umfpf kvifgtfsu nqsluvaspyawhfgp xgfx an fdrfguvpf vp qgawatvl lmgasvl rfwivl rxvs pcskgazf xs qzhgfwwx ufgz nag ixgvfuvfp an rxvs umxu xnnflu xs fpuvzxufk  zvwwvas rfarwf vs umf qp fxlm cfxg rgvzxgvwc zvkkwfxtfk eazfsvup x mqtf xgfx an lwvsvlxw sffk xsk ef kasu ysae mae ua ugfxu vu mf pxvk pa emvwf umvp vp x hgaxkfg puagc xhaqu wxufgxwvoxuvas efgf xwpa pffyvst prflvnvl xspefgp umf rxuvfsu vp umf rgvagvuc  v exsu ua qskfgpuxsk umvp kvpfxpf pa vu lxs hf ugfxufk vs mqzxspufdpxe{caqkvkxtgfxujah}

TexSAW 2023/Console Scrabble/README.md

@@ -0,0 +1,16 @@
+# Console Scrabble
+> Solve the puzzle using web development basics.
+
+## About the Challenge
+We have been given a very simple website, and upon checking the source code of the website, we found that it has only one JavaScript file
+
+![preview](images/preview.png)
+
+## How to Solve?
+To solve this challenge, I called every JavaScript function listed in that file, such as `flag()` or `whoareyou()`. Surprisingly, I found the flag when I called the `pants()` function.
+
+![flag](images/flag.png)
+
+```
+texsaw{wh4t3ver_m4n_its_4_fl4g}
+```

TexSAW 2023/Git er' done/README.md

@@ -0,0 +1,20 @@
+# Git er' done
+> I've made my first website but I still have a lot of tasks to do. Can you check it out and give me some feedback?
+
+## About the Challenge
+We have been given a very simple website that contain To-Do list
+
+![preview](images/preview.png)
+
+## How to Solve?
+Because the title of the challenge is about `git`. So I accessed `.git/config` endpoint and we got the git config
+
+![config](images/config.png)
+
+I went to https://gitlab.com/WalmartDeli/exposed-repository.git and then there is a file called `flag.txt`
+
+![flag](images/flag.png)
+
+```
+texsaw{0h_n0_my_g1t_15_3xp053d!}
+```

TexSAW 2023/MIT of The South/README.md

@@ -0,0 +1,32 @@
+# MIT of The South
+> Welcome to UTD! We like to call ourselves the MIT of the South (not really). The flag for this challenge is hidden in one of the classrooms, can you find it?
+
+## About the Challenge
+We have been given a very simple website that contains only 1 image
+
+![preview](images/preview.png)
+
+## How to Solve?
+First I checked some interesting files for example `sitemap.xml` or `robots.txt`. And I found there is a `robots.txt` file
+
+![robots](images/robots.png)
+
+After getting a little stuck, I decided to check `tobors.txt` and luckily, I obtained a list of endpoints.
+
+![tobors](images/tobors.png)
+
+I manually checked the endpoints one by one but the response is always `There's nothing written on the board`. So I used `ffuf` here
+
+```shell
+ffuf -w endpoints.txt:FUZZ -u http://18.216.238.24:1004/webpage/files/dirFUZZ -fl 29
+```
+
+![ffuf](images/ffuf.png)
+
+The flag was located in `/ecss/4.910`
+
+![flag](images/flag.png)
+
+```
+texsaw{woo0OOo0oOo00o0OOOo0ooo0o00Osh}
+```

TexSAW 2023/Mail/README.md

@@ -0,0 +1,16 @@
+# Mail
+> With the holiday season approaching, the demand for package delivery is climbing. I've compiled a list of mail couriers for you to view at url:port. Maybe this could be helpful?
+
+## About the Challenge
+We have been given a very simple website that contain 1 button. If we press that button we will be redirected to `/flag` endpoint
+
+![preview](images/preview.png)
+
+## How to Solve?
+Because I was curious why the button said `Click here to GET a mail service`. In order to obtain the flag, I tried changing the HTTP request method from `GET` to `POST`.
+
+![flag](images/flag.png)
+
+```
+texsaw{GET_it?_They_were_POSTal_services_haha}
+```

TexSAW 2023/README.md

@@ -0,0 +1,13 @@
+# TexSAW 2023
+CTF writeup for SpringForwardCTF 2023. I took part in this CTF competition with the my friend, @dRe and got 32th place out of 247 teams
+
+| Category | Challenge |
+| --- | --- |
+| Web | [The Path to Victory](/TexSAW%202023/The%20Path%20to%20Victory/)
+| Web | [Console Scrabble](/TexSAW%202023/Console%20Scrabble/)
+| Web | [Mail](/TexSAW%202023/Mail/)
+| Web | [Git er' done](/TexSAW%202023/Git%20er'%20done/)
+| Web | [MIT of The South](/TexSAW%202023/MIT%20of%20The%20South/)
+| Web | [Swiftmaster](/TexSAW%202023/Swiftmaster/)
+| OSINT | [Superhuman Intuition](/TexSAW%202023/Superhuman%20Intuition/)
+| Cryptography | [Ancient Methods](/TexSAW%202023/Ancient%20Methods//)

TexSAW 2023/Superhuman Intuition/README.md

@@ -0,0 +1,30 @@
+# Superhuman Intuition
+> Alice: "Now I am not sure who made this sculpture, but just from looking at it, I can tell that the artists has a YouTube channel. Not only that, I can tell you the exact date they created their channel!"
+
+> Bob: "Impossible! There is no way that you can deduct all that information from just glancing at a sculplture!"
+
+> Alice: "Oh yes I can Bob, and I will tell you the date right now. The artist created their YouTube channel on..."
+
+> Note: The flag will be the date that the artist created their YouTube channel. The flag's format is texsaw{mm-dd-yyyy}.
+
+## About the Challenge
+We have been given an image of a sculpture. First, we need to determine the artist who created the sculpture, and then we need to find their YouTube channel.
+
+![sculpture](sculpture.jpg)
+
+## How to Solve?
+To know who made the sculpture, im using `Google Reverse Image`
+
+![google](images/google.png)
+
+The artist name is `Julian Voss-Andreae`. So I tried to find his youtube channel by searching his name on Google
+
+![google_2](images/google_2.png)
+
+We found his Youtube channel. If we want to know when the artist created his Youtube channel, we can check in the `About` menu
+
+![flag](images/flag.png)
+
+```
+texsaw{02-27-2009}
+```

TexSAW 2023/Swiftmaster/README.md

@@ -0,0 +1,14 @@
+# Swiftmaster
+> Ok so swiftmaster is back up! Hint- the key is in the download clue link Once you find the key just enter it here as texsaw{keyvalue} Also y'all don't need to use that submit button it's just a rabbit hole.
+
+## About the Challenge
+We have been given a website that contains a form and a feature to download an image
+
+![preview](images/preview.png)
+
+## How to Solve?
+To solve this challenge, I downloaded the image first by pressing `Download Clue` button. and then put the image in [aperisolve](https://www.aperisolve.com/)
+
+```
+texsaw{v3rY_5eKr33t}
+```

TexSAW 2023/The Path to Victory/README.md

@@ -0,0 +1,20 @@
+# The Path to Victory
+> A elite team of marine biologists have been working to genetically modify mantis shrimp into the ultimate killing machines. Your mission is to exploit vulnerabilities in the enemies website and retrieve session keys (the flag) in order to help bring the organization down.
+
+## About the Challenge
+We have been given a simple website that contains an information about shrimp
+
+![preview](images/preview.png)
+
+## How to Solve?
+If you see the URL in the preview (http://18.216.238.24:1003/webpage/files/dir/index.html) you will notice this website have a lot of directories right? So to find useful information, I tried to access http://18.216.238.24:1003/webpage/
+
+![webpage](images/webpage.png)
+
+There is a file called `sessions_keys.txt`. Open that file to obtain the flag
+
+![flag](images/flag.png)
+
+```
+texsaw{Th3_B3s7_Cru574c34n}
+```