Interactive Coloring

drag iconDrag any color from the left toolbar to an area or text in the page. A blue outline will indicate a droppable element.

drag iconOn mobile, wait a tiny bit until you drag the color drop.

Wargames.MY December 2018 – Teka Teki Pakcik Bawang

We were given a .onion URL and there is a “Flag” page on the website which contain the hint for this challenge.

So basically, we need to identify the real ip of the website to get the flag. There is a hint released which shed some light:

Information Gathering: where do we run our CTF infra.

From the hint above, we then identified all wargames.my subdomain IP address:

d2018.wargames.my 68.183.226.119
gooble.wargames.my 68.183.191.52
phpsbox.wargames.my 178.128.211.120
waf2.wargames.my 167.99.72.178
hackerman.wargames.my 68.183.229.27

The next step is to identify the available host within the subnet which listening to port 80. After going through all the hassle we lastly found one.


nmap -PN -p 80 --open 167.99.64.0/20 -oG - | awk '$NF~/http/{print $2}' >> DCSG.txt

and we get the list of hosts…[output snipped]

Write simple script to grep the info like title.

#!/bin/bash

date
cat DCSG.txt | while read output
do
curl http://$output --max-time 3 | egrep 'No DB CMS' >> DCSGresult.txt
echo $output >> DCSGresult.txt
done

and return our expected result.

Access the website using IP address and here is our flag.

Flag : wgmy{bawang_membawang_tok_pawang}

Lesson learned: use http-title instead. 🙂

This website use cookies to ensure that you have the best experience on this website.