🔬
CTFs
  • 🚩nitrozeus's CTF Writeups
  • Tutorial
    • Install Windows 10 VM on M1 Mac
  • My Notes
    • Capture-The-Flag
      • Windows Forensics
      • Memory Forensics
      • Base32, Base64
      • Steganography
      • Email Analysis
      • Malware Analysis
      • MD4, MD5 Cracking
      • Social Engineering
      • OSINT
      • Google Dorking
      • Reconnaissance
      • Port Scan (nmap)
  • 2023
    • 🧠BrainHack CDDC 2023
      • Gallery
      • Eazy Network Analysis
      • What the hell happened to the PC?!
      • Audio Steganography
  • 2022
    • 🐱Grey Cat The Flag 2022
      • Parcel
      • Memory Game (Part 1)
      • Too Fast
      • Entry
      • Ghost
      • Firmware
      • Image Upload
      • flappy-js
    • ⛵STANDCON 2022
      • I Sea You (Part 1)
      • Locate Me
      • I Sea You (Part 2)
      • Trolley Trolling
      • A New Gateway
      • Walks like a cat, barks like a dog
      • Shark in the Ocean
      • Atlan Safe P1
      • Gift from Russia
      • Asmuth Shares
      • Memedump
      • Warmup Forensics
    • 🦁STACK the Flags 2022
      • Finding Nyan
      • New Task!
      • Hit you with that
      • Cobalt Struck
      • PyRunner
Powered by GitBook
On this page
  1. 2023
  2. BrainHack CDDC 2023

Gallery

PreviousBrainHack CDDC 2023NextEazy Network Analysis

Last updated 1 year ago

Humans are dumb and horrible, but cats are terribly CUTE!! - said an AI.

Access Info : http://cddc2023-gallery.s3-website-ap-southeast-1.amazonaws.com/

The challenge was presented as a web application vulnerability exercise, aimed at testing our skills in identifying and exploiting security weaknesses commonly found in web applications. We were provided with a to access the target website and tasked with finding and retrieving a hidden flag.

The homepage does not seem of interest and so we clicked the button "Go to next page". It redirected us to another page with the link /third.html

After seeing that URL path, we intuitively thought there would be a /second.html, and so we tried accessing it but the page redirects us back to /third.html. 

curl http://cddc2023-gallery.s3-website-ap-southeast-1.amazonaws.com/second.html

Et voila! We managed to retrieve the flag!

We then decided to employ the 'curl' command-line tool. is a powerful utility that allows sending HTTP requests and retrieving the corresponding responses. In this case, we used it to retrieve the contents of the hidden webpage.

🧠
Curl
link
Homepage
third.html
Flag!!