Kabinet's GitBook
  • 🚩Kabinet CTF's Writeups
  • Page
  • 2025
    • Thuderdome
      • Emerge through the breach
      • Pulled from the sky
      • An absent defense
      • A new wave (web of deceit)
      • Crossing the great divide
      • Joining forces as one
      • Infiltrate (open the gate)
      • Jaeger
      • Victory
  • 2024
    • GreyCTF 2024
      • Markdown Parser
      • Fearless Concurrency
      • GreyCTF Survey
      • Baby Web
      • Beautiful Styles
      • All About Timing
      • Poly Playground
    • TetCTF 2024
      • Hello from API GW
      • Microservices
  • 2023
    • BSidesSF Cloud Village CTF
      • Tony Tony Tony
      • Plain Sight
      • A Suit of Armor Around The World
      • Sharing is Caring + Sequel
      • Photo Drive
    • DART CTF
      • Flag 1
      • Flag 2
      • Flag 3
      • Flag 4
      • Flag 5
      • Flag 6
      • Flag 7
      • Flag 8
      • Flag 9
      • Flag 10
    • EKS Cluster Games
    • Big IAM Challenge
  • 2022
    • Stack The Flag
      • Secret of Meow Olympurr
  • Authored
    • Cyber League 2025 Major 1
      • Perfect Storage
      • catalog commits
      • pawtainer hub
    • Lag and Crash 2023
      • Managed Secrets
      • Pickle Rick
      • Cloudy with a chance of meatball
    • NYP InfoSec December CTF 2022
      • Super Secure Technology Infrastructure
      • Self Introduction
      • Aww Cuter Cat
      • Obligatory Calc
      • BreadSecurity
  • NYP InfoSec Introduction to Pentesting Workshop
Powered by GitBook
On this page
  • Challenge Description
  • Solution

Was this helpful?

  1. 2023
  2. BSidesSF Cloud Village CTF

Tony Tony Tony

PreviousBSidesSF Cloud Village CTFNextPlain Sight

Last updated 1 year ago

Was this helpful?

Challenge Description

Tony is a web application developer intern in a Product Based Company. Recently Tony was assigned to create a web app which can accept the codebase and gist URL as the parameter and save in the gallery. He has developed the API on AWS platform using which the end user can save the codebase from the remote URL.

Start here -

Solution

Viewing the page source shows a JavaScript code that POST to with the flag as the header

var codeEditor = CodeMirror.fromTextArea(document.getElementById("code"), {
    lineNumbers: true,
    mode: "javascript",
    theme: "default"
});

var myHeaders = new Headers();
myHeaders.append("authorizationToken", "flag-{gtkO4f4NOrJsRRNZWxiTbL6LLUs5Ir8g}");
myHeaders.append("Content-Type", "application/json");

var raw = JSON.stringify({
    "codeFile": code
});

var requestOptions = {
    method: 'POST',
    headers: myHeaders,
    body: raw,
    redirect: 'follow'
};

fetch("https://jg0rh6th8e.execute-api.ap-south-1.amazonaws.com/test/share", requestOptions)
    .then(response => response.text())
    .then(result => {
        var resultDiv = document.getElementById("result");
        resultDiv.innerHTML = "";

        var pre = document.createElement("pre");
        pre.innerText = result;
        resultDiv.appendChild(pre);
    })
    .catch(error => console.log('error', error));

Flag: flag-{gtkO4f4NOrJsRRNZWxiTbL6LLUs5Ir8g}

http://65.0.191.38/
https://jg0rh6th8e.execute-api.ap-south-1.amazonaws.com/test/share