From 77ed881028fc738a17d762f15dab13695870b7f3 Mon Sep 17 00:00:00 2001 From: u Date: Wed, 25 Mar 2026 21:44:46 +0100 Subject: [PATCH] =?UTF-8?q?broken=5Fwebsite.md=20hinzugef=C3=BCgt?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit --- broken_website.md | 110 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 110 insertions(+) create mode 100644 broken_website.md diff --git a/broken_website.md b/broken_website.md new file mode 100644 index 0000000..9165abd --- /dev/null +++ b/broken_website.md 
@@ -0,0 +1,110 @@ +# Broken Website - web + +## Summary + +The future is quic, this challenge was not. + +## Problem + +`curl -v https://broken-website.tamuctf.cybr.club/` + +``` +* Host broken-website.tamuctf.cybr.club:443 was resolved. +* IPv6: (none) +* IPv4: 54.91.191.64 +* Trying 54.91.191.64:443... +* connect to 54.91.191.64 port 443 from 192.168.0.79 port 53398 failed: Die Wartezeit für die Verbindung ist abgelaufen +* Failed to connect to broken-website.tamuctf.cybr.club port 443 after 133017 ms: Could not connect to server +* closing connection #0 +curl: (28) Failed to connect to broken-website.tamuctf.cybr.club port 443 after 133017 ms: Could not connect to server +``` + +Every attempt to connect to this site fails and/or times out. + +## Solution + +**Steps to solve:** +- Check some ports +- Check ALL the ports +- even try udp, because when there is no tcp, there is only udp left. But why would someone within their right mind use udp to serve a website!? +- try port knocking + - with default sequences + - with custom sequences + - consider doing a rain dance +- absolutely NO response from the server, so it HAS to be a network problem + - with 3 persons: + - blame AWS, because there currently is a offcially announced AWS problem between USA and europe + - find out that when connecting via nordvpn there is an answer on port 80 + - rent servers in different parts of the world to check network issue + - blame challenge autor + - blame ctf infrastructure + - complain in support discord + - loop for 3 hours +- ignore this messed up stuff + - go to a concert + - drink some wine +- come back, think about tcp and udp + - vaguely remember some vague reference some month ago when someone mentioned quic + +### Try quic/http3 + +https://curl.se/docs/manpage.html#--http3-only +`curl -v --http3-only https://broken-website.tamuctf.cybr.club/` + +``` +* Host broken-website.tamuctf.cybr.club:443 was resolved. 
+* IPv6: (none) +* IPv4: 54.91.191.64 +* Trying 54.91.191.64:443... +* SSL Trust Anchors: +* CAfile: /etc/ssl/certs/ca-certificates.crt +* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / X25519MLKEM768 / id-ecPublicKey +* Server certificate: +* subject: +* start date: Mar 22 07:09:30 2026 GMT +* expire date: Mar 22 19:09:30 2026 GMT +* issuer: CN=Caddy Local Authority - ECC Intermediate +* Certificate level 0: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256 +* Certificate level 1: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256 +* subjectAltName: "broken-website.tamuctf.cybr.club" matches cert's "broken-website.tamuctf.cybr.club" +* OpenSSL verify result: 14 +* SSL certificate OpenSSL verify result: unable to get local issuer certificate (20) +* QUIC connect to 54.91.191.64 port 443 failed: SSL peer certificate or SSH remote key was not OK +* Failed to connect to broken-website.tamuctf.cybr.club port 443 after 117 ms: SSL peer certificate or SSH remote key was not OK +* closing connection #0 +curl: (60) Failed to connect to broken-website.tamuctf.cybr.club port 443 after 117 ms: SSL peer certificate or SSH remote key was not OK +More details here: https://curl.se/docs/sslcerts.html + +curl failed to verify the legitimacy of the server and therefore could not +establish a secure connection to it. To learn more about this situation and +how to fix it, please visit the webpage mentioned above. +``` + +Certificate problem? -> ignore +https://curl.se/docs/manpage.html#--insecure +`curl --http3-only --insecure https://broken-website.tamuctf.cybr.club/` + +```html + + + + + + Fancy Website + + + + + + +

Welcome to my website!

+

Here's the flag:

+

gigem{7h3_fu7u23_15_qu1c_64d1f5}

+ + +``` + +## Flag + +`gigem{7h3_fu7u23_15_qu1c_64d1f5}` +
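Review bot: In the "Try quic/http3" section, the step "Certificate problem? -> ignore" goes straight to `--insecure` without saying why verification failed, although the curl output just above it already shows the reason: the issuer is "CN=Caddy Local Authority - ECC Intermediate" and OpenSSL reports "unable to get local issuer certificate (20)" against the CAfile /etc/ssl/certs/ca-certificates.crt. Suggest stating that in one sentence and noting that `--insecure` turns off certificate verification for that request, so it reads as a deliberate choice for this challenge host rather than a general fix for curl error 60. The Solution list also never states the actual finding: the plain `curl -v` timed out on TCP port 443 after 133017 ms, while `--http3-only` got a TLS handshake from the same address and port in 117 ms. A closing bullet saying that would let a reader get the result without working through the joke steps. Minor: the first transcript contains a localized error string ("Die Wartezeit für die Verbindung ist abgelaufen") that could be glossed in English, and "offcially" and "autor" are misspelled.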