Ritsec CTF Write Up
This is a write-up of some Ritsec CTF challenges from the web category.
First of all, shoutout to my homie and teammate 5h3rl0ck, who helped me a lot.


The first challenge was a broken web page due to bad HTTP redirections

so we intercepted the HTTP requests using the browser's developer tools and found the flag
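The reason the dev tools (or Burp) showed something the page itself never did is that a browser following a 3xx response throws away that response's body and only acts on the Location header. The walker below, an added example that is not part of the original write-up, follows a redirect chain one hop at a time with redirects disabled, records every hop, and picks out the redirect responses that carried a body. The site is a constructed in-memory stand-in (`FAKE_SITE`, `fake_fetch`, the `broken.example` host and the placeholder flag are all made up); nothing here is from the actual challenge.

```python
from dataclasses import dataclass
from typing import Callable, List, Optional, Tuple
from urllib.parse import urljoin


@dataclass
class Hop:
    url: str
    status: int
    location: Optional[str]
    body: str


# Constructed stand-in for a site with broken redirects: path -> (status, Location, body).
# A browser following these 302s never renders any of the bodies.
BASE = "http://broken.example"
FAKE_SITE = {
    "/":      (302, "/login", "<!-- constructed: flag{not-a-real-flag} -->"),
    "/login": (302, "/home",  ""),
    "/home":  (302, "/",      "<p>redirecting...</p>"),  # loops back to /
}


def fake_fetch(url: str) -> Tuple[int, Optional[str], str]:
    """Stands in for one HTTP request made with redirects NOT followed."""
    path = url[len(BASE):] or "/"
    return FAKE_SITE.get(path, (404, None, "not found"))


def walk_redirects(fetch: Callable[[str], Tuple[int, Optional[str], str]],
                   start_url: str, max_hops: int = 10) -> List[Hop]:
    """Follow Location headers manually, keeping every intermediate response.

    Stops on a non-redirect response, on a loop (URL already visited),
    or after max_hops, so a redirect loop cannot hang the walker.
    """
    hops: List[Hop] = []
    seen = set()
    url = start_url
    while url not in seen and len(hops) < max_hops:
        seen.add(url)
        status, location, body = fetch(url)
        hops.append(Hop(url, status, location, body))
        if not (300 <= status < 400 and location):
            break
        url = urljoin(url, location)  # resolve relative Location values
    return hops


def hidden_redirect_bodies(hops: List[Hop]) -> List[Hop]:
    """Redirect responses that carried content a browser would silently drop."""
    return [h for h in hops if 300 <= h.status < 400 and h.body.strip()]


if __name__ == "__main__":
    chain = walk_redirects(fake_fetch, BASE + "/")
    for h in chain:
        print(f"{h.status} {h.url} -> {h.location!r} body={h.body[:40]!r}")
    print("hops with hidden bodies:", [h.url for h in hidden_redirect_bodies(chain)])
```

To run this against a live host, swap `fake_fetch` for a function that calls `requests.get(url, allow_redirects=False)` and returns `(r.status_code, r.headers.get("Location"), r.text)`; the walker itself does not change. From the defending side, the same loop is a quick regression check that no 3xx response in your redirect flow carries a body you did not mean to serve.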


The second challenge was an AWS web service, and the title, Buckets, gave a big hint

so we changed “s3-website-us-east-1” in the URL to “s3” and got an XML file

then we went to the txt file listed below and found the flag
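The XML that came back from the `s3` endpoint is an S3 `ListBucketResult`, which you only get when the bucket grants `s3:ListBucket` to everyone; the website endpoint serves objects but never lists them. The parser below is an added example, not code from the write-up, showing how to read that document and flag keys worth a second look during a bucket audit. The listing (`SAMPLE_LISTING`, bucket name, keys and sizes) is constructed; the namespace URI is the real one S3 uses.

```python
import xml.etree.ElementTree as ET
from typing import Dict, List

S3_NS = "{http://s3.amazonaws.com/doc/2006-03-01/}"

# Constructed sample of a public bucket listing. Bucket name, keys, dates and
# sizes are made up; the document shape matches what S3 returns.
SAMPLE_LISTING = """<?xml version="1.0" encoding="UTF-8"?>
<ListBucketResult xmlns="http://s3.amazonaws.com/doc/2006-03-01/">
  <Name>example-bucket</Name>
  <Prefix></Prefix>
  <IsTruncated>false</IsTruncated>
  <Contents>
    <Key>index.html</Key>
    <LastModified>2020-01-01T00:00:00.000Z</LastModified>
    <Size>1024</Size>
  </Contents>
  <Contents>
    <Key>flag.txt</Key>
    <LastModified>2020-01-01T00:00:00.000Z</LastModified>
    <Size>42</Size>
  </Contents>
  <Contents>
    <Key>backup/db.sql.bak</Key>
    <LastModified>2020-01-02T00:00:00.000Z</LastModified>
    <Size>5000</Size>
  </Contents>
</ListBucketResult>
"""

# Extensions that usually mean "this should not be world-listable".
REVIEW_SUFFIXES = (".txt", ".bak", ".sql", ".env", ".zip", ".log", ".pem")


def parse_listing(xml_text: str) -> Dict:
    """Parse a ListBucketResult into the bucket name, truncation flag and objects."""
    root = ET.fromstring(xml_text)
    if root.tag != S3_NS + "ListBucketResult":
        raise ValueError(f"not an S3 listing: {root.tag}")
    objects = []
    for entry in root.findall(S3_NS + "Contents"):
        objects.append({
            "key": entry.findtext(S3_NS + "Key"),
            "size": int(entry.findtext(S3_NS + "Size") or 0),
            "last_modified": entry.findtext(S3_NS + "LastModified"),
        })
    return {
        "bucket": root.findtext(S3_NS + "Name"),
        # true means there are more than 1000 keys and a follow-up page is needed
        "truncated": (root.findtext(S3_NS + "IsTruncated") or "").lower() == "true",
        "objects": objects,
    }


def keys_needing_review(objects: List[Dict]) -> List[str]:
    """Keys whose extension suggests data that should not be publicly listed."""
    return [o["key"] for o in objects if o["key"].lower().endswith(REVIEW_SUFFIXES)]


if __name__ == "__main__":
    listing = parse_listing(SAMPLE_LISTING)
    print(f"bucket {listing['bucket']}: {len(listing['objects'])} objects")
    for key in keys_needing_review(listing["objects"]):
        print("review:", key)
```

If a bucket you own answers the `s3` endpoint with this document for an anonymous request, the fix is on the bucket, not in the website config: remove the public `s3:ListBucket` grant from the bucket policy and ACL, and turn on S3 Block Public Access so it cannot quietly come back.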


The third challenge was basically a web API using JSON Web Tokens

we went to the auth directory and it showed the JSON token, but here the name parameter was missing


so we're considered a user.
We used that token and passed it as an Authorization header in an HTTP request using Burp

and since we're on the normal endpoint we can't be an admin

so we simply had to change the type from user to admin in the token.
I used jwt_tool for this:
https://github.com/ticarpi/jwt_tool
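Editing a claim in the payload only works if the server reads the payload without checking the signature (or accepts a token whose algorithm it should refuse). The code below is an added example, not from the write-up or from jwt_tool, that shows both halves in a few lines: an HS256 signer, the unverified decode that lets you see and edit the claims, and a server-side `verify_hs256` that rejects the edited token because its signature no longer matches. The key (`SERVER_KEY`), the claim names (`name`, `type`) and their values are constructed for the demo; the write-up never shows the challenge's real key or full claim set.

```python
import base64
import hashlib
import hmac
import json
from typing import Optional


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def sign_hs256(claims: dict, key: bytes) -> str:
    """Mint a JWT with an HMAC-SHA256 signature over header.payload."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}, separators=(",", ":")).encode())
    payload = _b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{header}.{payload}".encode("ascii"), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"


def decode_unverified(token: str) -> dict:
    """What a decode view shows: the claims, trusting nothing. Never use this for authorization."""
    _, payload, _ = token.split(".")
    return json.loads(_b64url_decode(payload))


def tamper(token: str, **changes) -> str:
    """Edit claims and keep the old signature: the token is now unsigned in effect."""
    header, payload, sig = token.split(".")
    claims = json.loads(_b64url_decode(payload))
    claims.update(changes)
    new_payload = _b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    return f"{header}.{new_payload}.{sig}"


def verify_hs256(token: str, key: bytes) -> Optional[dict]:
    """Server-side check: HS256 only, signature must match, else no claims at all."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
    except ValueError:  # wrong segment count, bad base64 or bad JSON
        return None
    if header.get("alg") != "HS256":  # refuses "none" and algorithm swaps
        return None
    expected = hmac.new(key, f"{header_b64}.{payload_b64}".encode("ascii"), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
        return None
    return json.loads(_b64url_decode(payload_b64))


def role_broken(token: str) -> str:
    """The bug class behind the challenge: role taken from an unverified payload."""
    return decode_unverified(token).get("type", "user")


def role_fixed(token: str, key: bytes) -> str:
    """Role only from claims whose signature checked out."""
    claims = verify_hs256(token, key)
    return claims.get("type", "user") if claims else "anonymous"


SERVER_KEY = b"constructed-demo-key"  # placeholder, not the challenge's key
ORIGINAL = sign_hs256({"name": "guest", "type": "user"}, SERVER_KEY)
FORGED = tamper(ORIGINAL, type="admin")

if __name__ == "__main__":
    print("claims seen by a decoder:", decode_unverified(FORGED))
    print("broken server grants:", role_broken(FORGED))
    print("fixed server grants:  ", role_fixed(FORGED, SERVER_KEY))
```

The point for anyone running such an API: the role decision must come out of `verify_hs256` (or your library's verify call with the algorithm pinned), never out of a bare decode. Pinning `alg` is part of that check, since a verifier that honours whatever algorithm the header names can be talked into skipping the signature entirely.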






Thanks for reading this.
All credit goes to the K1_W4L0 team.