
Nithilan Valan Week 4 CTF Report Hacktify Internship

The CTF report details the challenges faced by Nithilan Valan during a 1-month internship in penetration testing, covering various categories including Web 2.0, Network Forensics, Reverse Engineering, OSINT, and Crypto. Each challenge outlines the steps taken to exploit vulnerabilities and retrieve flags, showcasing skills in reconnaissance, exploitation, and decoding. The total points accumulated from all challenges amount to 1200.

Uploaded by

Nithilan Valan

CTF Report

Full Name: Nithilan Valan


Program: HCS - Penetration Testing 1-Month Internship
Date: 08/03/2025

Category: Web 2.0 (Lock Web – Points: 100)

Description: Web 2.0 challenges in CTFs typically involve exploiting modern web
applications that rely on dynamic content, AJAX, APIs, and client-side interactions.
These challenges may include XSS (Cross-Site Scripting), CSRF (Cross-Site Request
Forgery), SQL Injection, IDOR (Insecure Direct Object References), API
vulnerabilities, and logic flaws. They often require understanding how web
applications interact with users and servers, leveraging JavaScript, cookies, session
management, and API endpoints to find security loopholes.

Challenge Overview: It's important to follow good content discovery methodology
on sites you are testing. This is NOT always something like dirbuster or other
bruteforcing approaches.

Steps for Finding the Flag:

1. Initial Reconnaissance: After opening the given URL, I saw that there was a
keypad for a PIN to be entered.

2. Exploitation: I typed /robots.txt at the end of the URL. That opened a page
which gave the correct PIN: 1928. I entered that PIN in the keypad.

3. Flag Retrieval: After pressing “Enter”, a pop-up message appeared revealing
the flag.

Flag: flag{V13w_r0b0t5.txt_c4n_b3_u53ful!!!}

Category: Web 2.0 (The World – Points: 150)

Description: Web 2.0 challenges in CTFs typically involve exploiting modern web
applications that rely on dynamic content, AJAX, APIs, and client-side interactions.
These challenges may include XSS (Cross-Site Scripting), CSRF (Cross-Site Request
Forgery), SQL Injection, IDOR (Insecure Direct Object References), API
vulnerabilities, and logic flaws. They often require understanding how web
applications interact with users and servers, leveraging JavaScript, cookies, session
management, and API endpoints to find security loopholes.

Challenge Overview: Welcome to "The World" challenge! You've landed on a
webpage saying "Hello World!" Looks simple, right? But there's more to it than
meets the eye. Your mission: dig deep into this website to find hidden paths and
uncover the flag.

Steps for Finding the Flag:

1. Initial Reconnaissance: I opened the given URL and noticed that there were
many directories in it.

2. Directory Enumeration: I explored directories and endpoints within the web
application using gobuster and dirb to uncover hidden pages or
functionalities that may lead to the flag.

3. Exploitation: One of the directories had a file: secret.txt. I entered
/secret.txt at the end of the URL and the page displayed a base64-encoded
text: RkxBR3tZMHVfaGF2M180eHBsMHJlRF90aDNfVzByTGQhfQ== I copied
that and pasted it into a base64 decoder.

4. Flag Retrieval: The flag was revealed in the output of the decoder.

Flag: FLAG{Y0u_hav3_4xpl0reD_th3_W0rLd!}

Category: Network Forensics (Corrupted – Points: 100)

Description: Network forensics is the investigation and analysis of network traffic
and activities to uncover evidence of security incidents, cyberattacks, or
unauthorized access. It involves capturing, examining, and interpreting network
packets to identify malicious activities, intrusions, or anomalies.

Challenge Overview: A corrupted PNG image file is provided. Use network
forensics techniques to un-corrupt the file and retrieve the flag.

Steps for Finding the Flag:

1. Initial Reconnaissance: I tried to open the PNG image file, but an error
message came, stating that the file is either corrupted or its format is not
supported. I realized that this was because the image file’s header was
corrupted.
2. Exploitation: I uploaded the file to hexed.it where I could see all the bytes of
the file. The first row contained 8 bits (1 byte) which was the byte of the file’s
header. I changed those 8 values to: 89 50 4E 47 0D 0A 1A 0A. Then I saved
the new image file.
3. Flag Retrieval: After opening the uncorrupted image file, I found the flag to
be displayed in the image.

Flag: flag{m3ss3d_h3ad3r$}

Category: Network Forensics (Shadow web – Points: 150)

Description: Network forensics is the investigation and analysis of network traffic
and activities to uncover evidence of security incidents, cyberattacks, or
unauthorized access. It involves capturing, examining, and interpreting network
packets to identify malicious activities, intrusions, or anomalies.

Challenge Overview: Unravel hidden data within the intricate landscape of
protocols. This MULTIverse of packets contains some Form Data which can reveal
the secrets of the Web. Try to find these secrets that are scattered to get a flag.

Steps for Finding the Flag:

1. Initial Reconnaissance: I opened the pcapng file in Wireshark. Many packets
were visible having HTTP, TCP, and ARP protocols. I read the TCP stream
hints: "Always look for small clues in your way to find the answer. Clues can
be scattered in 'multiple' locations". I noticed that both the challenge
description and TCP stream gave us the word 'multiple' in their hints. I
looked at the HTTP POST request packets which contain a multipart/form-data
header. I looked closely into the data of these multipart/form-data requests
and I could see a single letter in each HTTP packet in between the data.
2. Exploitation: I collected every character from every packet. After collecting,
the text is: ZmxhZ3ttdWx0MXBsM3A0cnRzYzBuZnVzM3N9. It is a base64
encoded text. I used the base64decode.org website to decode this text.
3. Flag Retrieval: The flag is revealed in the output of the decoder.

Flag: flag{mult1pl3p4rtsc0nfus3s}

Category: Reverse Engg (Lost in the Past – Points: 150)

Description: Reverse Engineering is the process of analyzing and understanding
how a software program or system works by deconstructing it, often to gain
insights into its functionality, identify vulnerabilities, or create similar programs.

Challenge Overview: I enjoyed making small projects when I was at a young age! I
used to love hiding random funny texts in my projects that no one else could
understand but myself. Coincidentally, I found a project file of something I made at
that time. But it’s been so long, I can’t find that text. Can you help me find it?

Steps for Finding the Flag:

1. Initial Reconnaissance: I learned that the given aia file can be renamed into a
zip file so that it can be extracted to reveal compressed files.
2. Exploitation: After renaming the file to zip and extracting its contents, I
noticed that there were 3 compressed files: Screen1.scm, Scrum.bky, and
project.properties. I noticed that in Scrum.bky, there was a text box field
named Cipher in the XML code with the value:
7=28LE__0>F490C6GbCD?8N. I found out that the cipher is ROT47
encrypted. I wrote Python code to decode that ROT47-encrypted cipher.
3. Flag Retrieval: The flag was revealed in the output after running the ROT47
decoder python program.

Flag: flag{t00_much_rev3rs1ng}
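
The rename, extract and decode steps above can be combined into one script. This is an added example, not the author's decoder; it reads an .aia archive directly as a zip, ROT47-decodes every `<field>` value in its .bky files and keeps the ones that look like a flag. The `<field name="...">` layout, the flag pattern and the sample archive are assumptions constructed for the example.

```python
import io
import re
import zipfile
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape


def rot47(text: str) -> str:
    """Rotate printable ASCII (33..126) by 47 places; ROT47 is its own inverse."""
    return "".join(
        chr(33 + (ord(c) - 33 + 47) % 94) if 33 <= ord(c) <= 126 else c
        for c in text
    )


def scan_aia(data: bytes, pattern: str = r"\w+\{[^}]*\}"):
    """List (member, field name, decoded text) for flag-like ROT47 strings."""
    hits = []
    with zipfile.ZipFile(io.BytesIO(data)) as archive:  # an .aia is a zip archive
        for member in archive.namelist():
            if not member.endswith(".bky"):
                continue
            root = ET.fromstring(archive.read(member))
            for el in root.iter():
                # Assumed layout: text values sit in <field name="..."> elements.
                if not el.tag.endswith("field") or not el.text:
                    continue
                decoded = rot47(el.text.strip())
                if re.fullmatch(pattern, decoded):
                    hits.append((member, el.get("name"), decoded))
    return hits


def build_sample_aia() -> bytes:
    """Constructed project archive with one ROT47-encoded field (sample input)."""
    cipher = escape(rot47("sample{constructed_text}"))
    bky = (
        '<xml xmlns="http://www.w3.org/1999/xhtml">'
        '<block type="text"><field name="TEXT">Hello</field></block>'
        f'<block type="text"><field name="Cipher">{cipher}</field></block>'
        "</xml>"
    )
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        archive.writestr("src/Scrum.bky", bky)
    return buf.getvalue()
```

Calling `scan_aia(open(path, "rb").read())` on a real project file works the same way, with no renaming needed.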

Category: Reverse Engg (Decrypt Quest – Points: 200)

Description: Reverse Engineering is the process of analyzing and understanding
how a software program or system works by deconstructing it, often to gain
insights into its functionality, identify vulnerabilities, or create similar programs.

Challenge Overview: One day, one of Samarth’s imaginary friends, Arjun,
mysteriously hands him a text file claiming it holds encrypted secret data
impossible to decode! Arjun dangles a $1,000,000 reward if Samarth manages to
extract the information. However, Arjun enjoys mischief and attempts to trick
Samarth by flooding the file with loads of irrelevant data. Would you assist Samarth
in unlocking this top-secret information? He pledges to split the reward with you if
successful!!

Steps for Finding the Flag:

1. Initial Reconnaissance: I noticed that the given file had a lot of base64
encoded text.
2. Exploitation: I used a base64 decoder to decode that text. In the decoded text
result, I saw a Java program with a large cipher table that contained a Google
Drive link in a comment. I opened that link and it led me to a file called kEY.txt
which contained a brainfuck program. Using the brainfuck translator on
dcode.fr, I found a hint where I needed to learn about Unix Epoch Year to
find the flag. I googled about it, and found out that Unix Epoch time started
on January 1st, 1970. I kept the year 1970 in mind. I modified the Java program
such that it brute forces the decryption of the cipher table from 1 till its
maximum value and creates and stores a file with all the input integers and
corresponding flag outputs. I ran that program and saw that the created file
had 1106 outputs. I pressed Ctrl+F to search for ‘1970’.
3. Flag Retrieval: I saw that input integer 571 had a flag that contained ‘1970’,
which was the correct flag.

Flag: flag{hjwilj111970djs}

Category: OSINT (Time Machine – Points: 100)

Description: OSINT (Open-Source Intelligence) refers to the collection and
analysis of publicly available information from various sources to gather insights
and intelligence. This includes data from social media, public records, websites, and
more.

Challenge Overview: Mr. TrojanHunt has power to travel time. He is hiding some
extremely confidential file from the government. Can you help NIA to get secrets of
TrojanHunt?

Steps for Finding the Flag:

1. Initial Reconnaissance: I typed “TrojanHunt” in the search bar in
DuckDuckGo, and I found a file: secret_202103 at archive.org in the search
results.
2. Flag Retrieval: After downloading the file in txt format, I opened the file, and
the flag was revealed.

Flag: flag{Tr0j3nHunt_t1m3_tr4v3l}

Category: Crypto (Wh@t7he#### – Points: 100)

Description: Cryptography is the practice of securing communication and data by
encoding it in such a way that only authorized parties can access and understand it.
This involves techniques like encryption, decryption, hashing, and digital
signatures.

Challenge Overview: A file with an encrypted message is given. You should find out
what encryption algorithm was used and decrypt that to get the flag.

Steps for Finding the Flag:

1. Initial Reconnaissance: The given file contained a cipher. After some
research, I found out it was in reversefuck language.
2. Exploitation: I copied the cipher text and pasted it into the reversefuck
translator in dcode.fr.
3. Flag Retrieval: The flag was revealed in the decryption result.

Flag: flag{R3vers3ddd_70_g3t_m3}

Category: Crypto (Success Recipe – Points: 150)

Description: Cryptography is the practice of securing communication and data by
encoding it in such a way that only authorized parties can access and understand it.
This involves techniques like encryption, decryption, hashing, and digital
signatures.

Challenge Overview: My friend who is a Chef sent me this recipe but I can't
understand it. He likes to write in weird languages. Can you help me?

Steps for Finding the Flag:

1. Initial Reconnaissance: I looked at the contents of the given file and I
noticed the recipe was text encoded in Chef programming language.
2. Exploitation: I copied all the file contents and pasted it in the code editor on
the website: https://esolangpark.vercel.app/ide/chef and ran the code. The
output kept showing errors expecting words in past tense in some places
where they were in present tense every time I made a change to the code.
After making all the changes to the code as suggested by the outputs, I ran
the code, and this time, no error was displayed. After the code finished
executing, the output gave a brainfuck coded message. I copied that text and
pasted in the brainfuck translator on dcode.fr.
3. Flag Retrieval: The flag was revealed in the result section of the decoder.

Flag: flag{y0u_40+_s3rv3d!}

TOTAL POINTS: 1200
