Pizza Paradise
Writeup for Pizza Paradise (Web) - 1337UP LIVE CTF (2024)
Video walkthrough
Challenge Description
Something weird going on at this pizza store!!
Solution
Players arrive at an online pizza store (AI is making some tasty-looking pizzas these days 🤤).
There appears to be nothing of interest, but /robots.txt has something.
It's some kind of top secret login portal 🕵️
Check the page source.
The getCredentials() function is in /assets/js/auth.js.
Crack the SHA256 hash with hashcat, john or crackstation.
Now we get access to the portal and can download some secret images.
The download function makes a GET request.
Maybe we can try /etc/passwd.
But we get an error: File path not allowed!
With some trial and error, it's clear that removing /assets/images/ will cause problems. Let's try path traversal instead.
It works! We could try common locations for a flag.txt, or we could download the PHP source code of the web app 💡
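Why the "File path not allowed!" check was bypassable, as an added illustration that is not part of the original writeup or the challenge source: a prefix-only allowlist versus a canonicalising check, plus a small log-detection helper. The `/assets/images` root and all request paths are constructed assumptions.

```python
import posixpath
from urllib.parse import unquote

# Constructed: the directory the download endpoint is meant to serve images from.
IMAGE_ROOT = "/assets/images"


def weak_check(path: str) -> bool:
    """Prefix-only allowlist, the kind of check the 'File path not allowed!' error hints at.
    It rejects /etc/passwd outright but never looks at '..' segments."""
    return path.startswith(IMAGE_ROOT + "/")


def safe_check(path: str) -> bool:
    """Canonicalise first, then require the result to remain strictly inside IMAGE_ROOT."""
    if "\x00" in path or not posixpath.isabs(path):
        return False                      # NUL bytes and relative paths are never valid here
    resolved = posixpath.normpath(path)   # collapses '.', '..' and duplicate slashes lexically
    if resolved == IMAGE_ROOT:
        return False                      # the directory itself is not a downloadable file
    return posixpath.commonpath([IMAGE_ROOT, resolved]) == IMAGE_ROOT


def resolve(path: str) -> str:
    """What the server would actually open after the OS collapses the '..' segments."""
    return posixpath.normpath(path)


def looks_like_traversal(raw_path: str) -> bool:
    """Detection helper for access logs: percent-decode twice (to catch double-encoded
    input) and flag any '..' path segment."""
    decoded = unquote(unquote(raw_path))
    return any(seg == ".." for seg in decoded.split("/"))


if __name__ == "__main__":
    # Constructed requests as the download endpoint might receive them.
    for p in ["/assets/images/pizza1.png", "/etc/passwd", "/assets/images/../../etc/passwd"]:
        print(f"{p:40} weak={weak_check(p)!s:5} safe={safe_check(p)!s:5} -> {resolve(p)}")
```

`normpath` is purely lexical; on a real server also resolve the candidate with `os.path.realpath` against the on-disk root so symlinks inside the image directory cannot point outside it.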
Inside, we find the flag!
Flag: INTIGRITI{70p_53cr37_m15510n_c0mpl373}
