Post

[NeverLAN 2019] - Console

Posted
By Lucian Nitescu 1 min read

Image of NeverLAN CTF 2019

Description:

Solution Author:

Lucian Nitescu, as part of jmp 0xc0ffee team.

Solution:

The challenge started with the following simple "console" page:

As a first step, I decided to take a look at the source code of the accessed web page. view-source:https://challenges.neverlanctf.com:1120/console.html

As you can see we have 2 different javascript functions. The what() function, which handles the password confirmation and the getThat(strg) function which handles the redirect to our "authenticated" page. In this case, we have two different approaches:

  • We access directly the 1/key.php page
  • We call the getThat(strg) function with the value 'Y'

Here it is how I obtained the flag for this challenge:

The flag is: flag{console_controls_js}

neverlan, ctf, writeups
2019 writeups CTF challange neverlan
This post is licensed under CC BY 4.0 by the author.