ctf/writeups2026tamu
0
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
writeups2026tamu/broken_website.md
u 77ed881028 broken_website.md hinzugefügt
2026-03-25 21:44:46 +01:00

4.2 KiB
Raw Permalink Blame History

Broken Website - web

Summary

The future is quic, this challenge was not.

Problem

curl -v https://broken-website.tamuctf.cybr.club/

* Host broken-website.tamuctf.cybr.club:443 was resolved.
* IPv6: (none)
* IPv4: 54.91.191.64
*   Trying 54.91.191.64:443...
* connect to 54.91.191.64 port 443 from 192.168.0.79 port 53398 failed: Die Wartezeit für die Verbindung ist abgelaufen
* Failed to connect to broken-website.tamuctf.cybr.club port 443 after 133017 ms: Could not connect to server
* closing connection #0
curl: (28) Failed to connect to broken-website.tamuctf.cybr.club port 443 after 133017 ms: Could not connect to server

Every attempt to connect to this site fails and/or times out.

Solution

Steps to solve:

  • Check some ports
  • Check ALL the ports
  • even try udp, because when there is no tcp, there is only udp left. But why would someone within their right mind use udp to serve a website!?
  • try port knocking
    • with default sequences
    • with custom sequences
      • consider doing a rain dance
  • absolutely NO response from the server, so it HAS to be a network problem
    • with 3 persons:
      • blame AWS, because there currently is a offcially announced AWS problem between USA and europe
        • find out that when connecting via nordvpn there is an answer on port 80
        • rent servers in different parts of the world to check network issue
      • blame challenge autor
      • blame ctf infrastructure
      • complain in support discord
    • loop for 3 hours
  • ignore this messed up stuff
    • go to a concert
    • drink some wine
  • come back, think about tcp and udp
    • vaguely remember some vague reference some month ago when someone mentioned quic

Try quic/http3

https://curl.se/docs/manpage.html#--http3-only curl -v --http3-only https://broken-website.tamuctf.cybr.club/

* Host broken-website.tamuctf.cybr.club:443 was resolved.
* IPv6: (none)
* IPv4: 54.91.191.64
*   Trying 54.91.191.64:443...
* SSL Trust Anchors:
*   CAfile: /etc/ssl/certs/ca-certificates.crt
* SSL connection using TLSv1.3 / TLS_AES_128_GCM_SHA256 / X25519MLKEM768 / id-ecPublicKey
* Server certificate:
*   subject: 
*   start date: Mar 22 07:09:30 2026 GMT
*   expire date: Mar 22 19:09:30 2026 GMT
*   issuer: CN=Caddy Local Authority - ECC Intermediate
*   Certificate level 0: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
*   Certificate level 1: Public key type EC/prime256v1 (256/128 Bits/secBits), signed using ecdsa-with-SHA256
*   subjectAltName: "broken-website.tamuctf.cybr.club" matches cert's "broken-website.tamuctf.cybr.club"
* OpenSSL verify result: 14
* SSL certificate OpenSSL verify result: unable to get local issuer certificate (20)
* QUIC connect to 54.91.191.64 port 443 failed: SSL peer certificate or SSH remote key was not OK
* Failed to connect to broken-website.tamuctf.cybr.club port 443 after 117 ms: SSL peer certificate or SSH remote key was not OK
* closing connection #0
curl: (60) Failed to connect to broken-website.tamuctf.cybr.club port 443 after 117 ms: SSL peer certificate or SSH remote key was not OK
More details here: https://curl.se/docs/sslcerts.html

curl failed to verify the legitimacy of the server and therefore could not
establish a secure connection to it. To learn more about this situation and
how to fix it, please visit the webpage mentioned above.

Certificate problem? -> ignore https://curl.se/docs/manpage.html#--insecure curl --http3-only --insecure https://broken-website.tamuctf.cybr.club/

<!DOCTYPE html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>Fancy Website</title>
    <link rel="stylesheet" type="text/css" href="style.css">
    <link rel="preconnect" href="https://fonts.googleapis.com">
<link rel="preconnect" href="https://fonts.gstatic.com" crossorigin>
<link href="https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap" rel="stylesheet">
</head>
<body>
    <h1>Welcome to my website!</h1>
    <h2>Here's the flag:</h2>
    <h2>gigem{7h3_fu7u23_15_qu1c_64d1f5}</h2>
</body>
</html>

Flag

gigem{7h3_fu7u23_15_qu1c_64d1f5}