Planet DesKel

DesKel's official page for CTF write-up, Electronic tutorial, review and etc.

Arduino
Backdoor Challenge Land CTFLearn CyberEDU Webhacking.kr TryHackMe, THM Short CTF
Hacking Tools
Donate
12 August 2020

Challenge Land write-up: Basic

3 minutes to read

Another day, another challenge land CTF walkthrough. Today, we are going to slay all enemies marked with basic.

target

Make sure you slay the correct enemy. It should be looks like a bee. This category requires basic knowledge on HTML, PHP , CSS and browser setup.

Fast travel:

Basic 1

basic 1 quest

Basic 1 is the easiest challenge of the entire basic categories. The answer is located inside the HTML comment.

basic 1 ans

Basic 2

basic 2 quest

This task is a bit tricky where you need a basic knowledge of HTML to solve this task. The maximum number allowed to enter into the solution field is 100, however, the task asks for 1000. Simply change the maximum number of the Input tag parameter and solve the challenge.

basic 2 ans

Basic 3

basic 3 quest

Find the password? Where is it? By inspecting the source code, I come across a strange CSS file.

basic 3 ans 1

Open it up and read it. Eventually, you will find the flag.

basic 3 ans 2

Basic 4

basic 4 quest

You are required to enter ‘Admin’ in the solution field. However, the input field is disabled. Talking about disabling, we need to remove it from the input tag.

basic 4 ans

Remove it and enter the text into the field.

Basic 5

basic 5 quest

This task is simple, just play around with the GET request on the URL bar. Just change ‘guest’ into ‘admin’.

basic 5 ans

basic 6

basic 6 quest

Almost similar to basic 5, you need to play around with the URL bar. However, you need to play around with the PHP error. To revoke the error, simply enter the following URL.

basic 6 ans

basic 7

basic 7 quest

Well, this is the classic CTF technique. You need to change the user agent to the one suggested by the question. For chrome, simply go to the network conditions and customized your user-agent.

basic 7 ans

basic 8

basic 8 quest

Just a cookie with sunglasses? That is an obvious hint, the cookie. Play around with the cookie, change the isAdmin parameter into 1.

basic 8 ans

basic 9

basic 9 quest

I hate and also love this challenge. It took me 2 hours to solve it and I realized it was talking about robots.txt. Megatron is a robot and father (I prefer mother) refers to the root of the website.

basic 9 ans

Enter the URL and solve the challenge.

Conclusion

That’s all for the Challenge Land basic category and we just slay all the bees. I hope you enjoy the write-up and see you next time :)

tags: ChallengeLand - CTF

Thanks for reading. Follow my twitter for latest update

If you like this post, consider a small donation. Much appreciated. :)

Vortex

© 2020 DesKel