🚩
CTF Writeups
  • CTF Writeups
  • CloudSEK 2023 Writeups
    • Bases
    • Serialization Saga
    • The SHA Juggler
  • Cyber Heroines CTF 2023 Writeups
    • crypto
      • Lenore Blum
      • Sophie Wilson
    • forensics
      • Barbara Liskov
      • Elizabeth Feinler
      • Margaret Hamilton
      • Marian Croak
      • Stephanie Wehner
    • pwn
      • Sally Ride
    • re
      • Anita Borg
    • web
      • Frances Allen
      • Grace Hopper
      • Radia Perlman
      • Shafrira Goldwasser
      • Susan Landau
  • DeconstruCTF 2023 Writeups
    • Gibberish
    • Hash Roll
    • MOVE
    • Magicplay
    • Missing
    • Snowy Rock
    • Space Ahoy
    • Two Paths
    • Very Basic
    • gitcha
    • sweet-nothing
    • where-are-the-cookies
    • why-are-types-weird
  • Digital Defenders CTF 2023
  • ISFCR EC CTF 2023 Writeups
    • Base the Bases
    • CrackMe
    • Device
    • Emoji Man
    • Fast Fernet
    • Hands Up
    • Hot and Cold
    • I walk alone
    • Inception
    • Lucky Guess?
    • Mess
      • chal
    • NotFooter
    • Oink Oink v2
    • Oink Oink v0
    • Oink Oink v1
    • STR
    • Seek The Treasure
    • Standard-bearer
    • Tap The Wire
    • Thomas The Train
    • What You See Is (Not) What You Get
    • Where's My Dog?
    • splitXquest
    • Zip Bomb
  • KICyber CTF 2023 Writeups
    • All Hail Hydra
    • Binary Cryptogram - Unravel the Enigma
    • Breakout - Unleash the Flag
    • Cross Platform Hunt
    • CryptoShift - Decipher the Hidden Message
    • Hidden-Network-Quest
    • MetaQuest
    • No remorse, No regret
    • OTP Portal Intrigue
    • Policy-patrol_IAM
    • Secure-Storage-Showdown
    • The-Forbidden-Telnet-Portal
    • Time Traveler's Git (Part 1)
    • Time Traveler_s Git (Part 2)
    • Time-Capsule
    • Unveiling the Hidden Message
    • Welcome to KICyber CTF
    • XORCrypt: Solitary Cipher
    • Zipper is stuck
  • Snyk Fetch The Flag 2023 Writeups
    • Back The Hawks
    • Beep64
    • Finders Keepers
    • Jott
    • Nine-One-Sixteen
    • Protecting Camp
    • Quick Maths
    • Unhackable Andy II
    • Unhackable Andy
  • YCTF Mini 2023 Writeups
    • Cat's Concert 🎧🎵
    • Death Song
    • Enigmatic Vault
    • Fire Accident
    • Military Spy
    • Movie scene
    • OSINT 1
    • OSINT 2
    • Stego Master
    • Twinkle Twinkle
    • Unchained 1
    • Unchained 2
    • Inception
  • flaws.cloud
  • YCTF-Weekly 2023
    • Week-2
      • Web
        • Cookie
        • Confluence
      • Misc
        • Never Found
Powered by GitBook
On this page
  • Description :
  • Solution
  1. KICyber CTF 2023 Writeups

Breakout - Unleash the Flag

Description :

You find yourself locked within an environment where you are equipped with only what you bring. Your mission is to find creative ways to break free from the restrictions and ultimately obtain the coveted flag.

Solution

  • Looking at the source code, there are 2 comments which say User-Agent needs to be Anish Mitra and cookie needs to be What KPMG stands for .

  • This can be done by intercepting the request using burpsuite and changing the User-Agent and setting the cookie values.

  • User-Agent: Anish Mitra

  • cookie: Klynveld Peat Marwick Goerdeler

  • We have to give a command in the text-box provided

  • Typing ls shows us the directory listing and there is a flag.txt file in there.

  • changing the command to cat flag.txt in the request gives us the flag.

Last updated 1 year ago