NiteCTF 2024
1, Cybernotes:
1. On the network tab, the request made for bg.jpg
2. We got the logs in the /uploads/.
3. Got the username in the logs.
4. Got the Passwordsin the logs.
5. Got the DockerFile the file has JWT_SECRET_KEY & FDRP_JWT_SECRET_KEY.
6. Using the username and password, we have login into the application.
7. Getting the notes in this endpoint.
8. Decode and change the secret with JWT_SECRET_FILE. we got from DockerFile. JWT_SECRET_FILE=H6jga21h1.
9: Got the flag.
2, Charlie Hunt 1:
1. While submitting the review.
2. Changing the Api version v2 to v1 and the non-numeric value to the stars it will throw the error.
__v: is unknown,So we add __v as a key and provide the input.
The application renders the input "
__v":"{{7*7}}"to__v:49, starting to craft the SSTI payload.
Payload: {{url_for['__gl'+'obals__']['__buil'+'tins__']['op'+'en'](app\\x2epy)['re'+'ad']()}}.
Flag: nite{3rror5_can_b3_u53ful_s0m3t1m35}
Last updated