Skip to content

Commit 1c0d68d

Browse files
committed
Web tunnel.
1 parent 0478b0e commit 1c0d68d

File tree

3 files changed

+36
-2
lines changed

3 files changed

+36
-2
lines changed

SUMMARY.md

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -31,3 +31,4 @@
3131
* [Web](web.md)
3232
* [Cookie Blog \[30 points\]](/web/cookie-blog-30-points.md)
3333
* [TinyEval \[100 points\]](/web/tiny-eval-100-points.md)
34+
* [Web Tunnel \[260 points\]](/web/web-tunnel-260-points.md)

web.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,7 +9,7 @@ This category focuses on attacks related to using a web browser or internet conn
99
* Blogbox \[135 points\]
1010
* SQL Injection 2 \[150 points\]
1111
* Edge 2 \[200 points\]
12-
* Web Tunnel \[260 points\]
12+
* [Web Tunnel \[260 points\]](/web/web-tunnel-260-points.md)
1313

1414

1515

web/web-tunnel-260-points.md

Lines changed: 34 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1 +1,34 @@
1-
https://github.com/SST-CTF/writeups/tree/master/Easy%20CTF/web-tunnel
1+
# Web Tunnel - 260 Points
2+
3+
I was just going to search some random cat videos on a Saturday morning when my friend came up to me and told me to reach the end of this tunnel. Can you do it for me? - http://tunnel.web.easyctf.com
4+
5+
### Solution
6+
7+
Going to the site we are given a QR code. Scanning the QR code gives a random string of length 20. Redirecting the browser to this string, another QR code appears, so on and so forth.
8+
9+
We are going to need an automated way to scan these QR codes, store the string, and download the next QR code. Over and over.
10+
11+
We will be using the zbarimg library to scan the QR codes. You can get this libaray by typing: ```sudo apt-get install zbar-tools```. Now coding a bash script to automate the proccess.
12+
13+
```shell
14+
#!/bin/bash
15+
16+
# Starting image ID
17+
nextImg="DaicO7460493nYSuvLPW"
18+
19+
# Create an aoutput file for analysis
20+
touch out.txt
21+
22+
# Loop for a long time
23+
while true
24+
do
25+
wget http://tunnel.web.easyctf.com/images/$nextImg
26+
raw=`zbarimg $nextImg`
27+
nextImg=${raw:8:20}
28+
echo $raw > out.txt
29+
done
30+
```
31+
Running the program for a few minutes and searching the output file for 'easyctf; gets us the flag.
32+
33+
34+
###### Flag: easyctf{y0u_sh0uld_b3_t1r3d_tr4v3ll1ng_all_th1s_w4y}

0 commit comments

Comments
 (0)