Najam Ul Saqib's Blog

Here is the walkthrough for another CTF available on  Hacker 101  is Micro-CMS v1 This CTF has four flags and I will walk you off through each one of them. Let's start! This is the main page of the CTF where you have some options like you can create some pages, and read the already created ones. Flag 0: To find the flag0 you need to first create a page with some random content After creating the page, you will be redirected to the page you just created showing the contents. Observe the URL at this moment. It will be something like: http://34.74.105.127/242d57e34e/page/13 Noticing that our page number has been assigned number 13 and by manually changing the page number you can access other pages. Now click on Edit this Page  button in the top right corner. Now observe the URL which will be like http://34.74.105.127/242d57e34e/page/edit/13 So we know now that we can access a page in two ways, by simply hitting the page URL and by hitting the edit page URL.

So here is my first walkthrough for you guys and that will be the easiest of the lot, this is the first CTF available on HackerOne.com What I like about HackerOne is that they give you private invitations to programs based on your performance in CTFs so I guess doing CTFs on HackerOne (honestly) will be worth your time and effort. Let's Start! By clicking on this CTF you get to the page which looks something like this It's a blank page with zero interactivity, so our first bet will be to check the page source of this page by Ctrl +U There is absolutely nothing in the page source apart from some plain text in the body and an image which is mentioned in url()  so why not give this image a try in URL like this and boom..!! Here is your flag!  It was that simple, believe me, you'll not get simpler CTF than this, it was just to get your hands a bit dirty. Good luck. P.s I have hidden the flag so that one just don't copy/paste the flag but you