broken_website.md hinzugefügt
This commit is contained in:
commit
77ed881028
1 changed files with 110 additions and 0 deletions
110
broken_website.md
Normal file
110
broken_website.md
Normal file
|
|
@ -0,0 +1,110 @@
|
|||
# Broken Website - web
|
||||
|
||||
## Summary
|
||||
|
||||
The future is quic, this challenge was not.
|
||||
|
||||
## Problem
|
||||
|
||||
`curl -v https://broken-website.tamuctf.cybr.club/`
|
||||
|
||||
```
|
||||
* Host broken-website.tamuctf.cybr.club:443 was resolved.
|
||||
* IPv6: (none)
|
||||
* IPv4: 54.91.191.64
|
||||
* Trying 54.91.191.64:443...
|
||||
* connect to 54.91.191.64 port 443 from 192.168.0.79 port 53398 failed: Die Wartezeit für die Verbindung ist abgelaufen
|
||||
* Failed to connect to broken-website.tamuctf.cybr.club port 443 after 133017 ms: Could not connect to server
|
||||
* closing connection #0
|
||||
curl: (28) Failed to connect to broken-website.tamuctf.cybr.club port 443 after 133017 ms: Could not connect to server
|
||||
```
|
||||
|
||||
Every attempt to connect to this site fails and/or times out.
|
||||
|
||||
## Solution
|
||||
|
||||
**Steps to solve:**
|
||||
- Check some ports
|
||||
- Check ALL the ports
|
||||
- even try udp, because when there is no tcp, there is only udp left. But why would someone within their right mind use udp to serve a website!?
|
||||
- try port knocking
|
||||
- with default sequences
|
||||
- with custom sequences
|
||||
- consider doing a rain dance
|
||||
- absolutely NO response from the server, so it HAS to be a network problem
|
||||
- with 3 persons:
|
||||
- blame AWS, because there currently is a offcially announced AWS problem between USA and europe
|
||||
- find out that when connecting via nordvpn there is an answer on port 80
|
||||
- rent servers in different parts of the world to check network issue
|
||||
- blame challenge autor
|
||||
- blame ctf infrastructure
|
||||
- complain in support discord
|
||||
- loop for 3 hours
|
||||
- ignore this messed up stuff
|
||||
- go to a concert
|
||||
- drink some wine
|
||||
- come back, think about tcp and udp
|
||||
- vaguely remember some vague reference some month ago when someone mentioned quic
|
||||
|
||||
### Try quic/http3
|
||||
|
||||
https://curl.se/docs/manpage.html#--http3-only
|
||||
`curl -v --http3-only https://broken-website.tamuctf.cybr.club/`
|
||||
|
||||
```
|
||||
* Host broken-website.tamuctf.cybr.club:443 was resolved.
|
||||
* IPv6: (none)
|
||||
* IPv4: 54.91.191.64
|
||||
* Trying 54.91.191.64:443...
|
||||
* SSL Trust Anchors:
|
||||
* CAfile: /etc/ssl/certs/ca-certificates.crt
|
||||
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / X25519MLKEM768 / id-ecPublicKey
|
||||
* Server certificate:
|
||||
* subject:
|
||||
* start date: Mar 22 07:09:30 2026 GMT
|
||||
* expire date: Mar 22 19:09:30 2026 GMT
|
||||
* issuer: CN=Caddy Local Authority - ECC Intermediate
|
||||
* Certificate level 0: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
|
||||
* Certificate level 1: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
|
||||
* subjectAltName: "broken-website.tamuctf.cybr.club" matches cert's "broken-website.tamuctf.cybr.club"
|
||||
* OpenSSL verify result: 14
|
||||
* SSL certificate OpenSSL verify result: unable to get local issuer certificate (20)
|
||||
* QUIC connect to 54.91.191.64 port 443 failed: SSL peer certificate or SSH remote key was not OK
|
||||
* Failed to connect to broken-website.tamuctf.cybr.club port 443 after 117 ms: SSL peer certificate or SSH remote key was not OK
|
||||
* closing connection #0
|
||||
curl: (60) Failed to connect to broken-website.tamuctf.cybr.club port 443 after 117 ms: SSL peer certificate or SSH remote key was not OK
|
||||
More details here: https://curl.se/docs/sslcerts.html
|
||||
|
||||
curl failed to verify the legitimacy of the server and therefore could not
|
||||
establish a secure connection to it. To learn more about this situation and
|
||||
how to fix it, please visit the webpage mentioned above.
|
||||
```
|
||||
|
||||
Certificate problem? -> ignore
|
||||
https://curl.se/docs/manpage.html#--insecure
|
||||
`curl --http3-only --insecure https://broken-website.tamuctf.cybr.club/`
|
||||
|
||||
```html
|
||||
<!DOCTYPE html>
|
||||
<html lang="en">
|
||||
<head>
|
||||
<meta charset="UTF-8">
|
||||
<meta name="viewport" content="width=device-width, initial-scale=1.0">
|
||||
<title>Fancy Website</title>
|
||||
<link rel="stylesheet" type="text/css" href="style.css">
|
||||
<link rel="preconnect" href="https://fonts.googleapis.com">
|
||||
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
|
||||
<link href="https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap" rel="stylesheet">
|
||||
</head>
|
||||
<body>
|
||||
<h1>Welcome to my website!</h1>
|
||||
<h2>Here's the flag:</h2>
|
||||
<h2>gigem{7h3_fu7u23_15_qu1c_64d1f5}</h2>
|
||||
</body>
|
||||
</html>
|
||||
```
|
||||
|
||||
## Flag
|
||||
|
||||
`gigem{7h3_fu7u23_15_qu1c_64d1f5}`
|
||||
|
||||
Loading…
Add table
Add a link
Reference in a new issue