encrypted pastebin flag0

Author: testert1ng

README.md

@@ -6,18 +6,25 @@
 
 ## 0x01 CTF
 
-| Difficulty (Points) |	Name                                       | Skills  | Completion |
-| ------------------- | ------------------------------------------ | ------- | ---------- |
-| Trivial (1 / flag)  | [A little something to get you started][2] | Web     | 1 / 1      |
-| Easy (2 / flag)     | [Micro-CMS v1][3]                          | Web     | 4 / 4      |
-| Moderate (3 / flag) | [Micro-CMS v2][5]                          | Web     | 3 / 3      |
-| Moderate (6 / flag) | [Photo Gallery][10]                        | Web     | 3 / 3      |
-| Moderate (5 / flag) | [Cody's First Blog][8]                     | Web     | 3 / 3      |
-| Easy (4 / flag)     | [Postbook][6]                              | Web     | 7 / 7      |
-| Moderate (5 / flag) | [Ticketastic: Live Instance][9]            | Web     | 2 / 2      |
-| Easy (3 / flag)     | [Petshop Pro][7]                           | Web     | 3 / 3      |
-| Moderate (5 / flag) | [TempImage][4]                             | Web     | 2 / 2      |
-| Easy (2 / flag)     | [H1 Thermostat][11]                        | Android | 2 / 2      |
+| Difficulty (Points) |	Name                                              | Skills      | Completion |
+| ------------------- | ------------------------------------------------- | ----------- | ---------- |
+| Trivial (1 / flag)  | [A little something to get you started][2]        | Web         | 1 / 1      |
+| Easy (2 / flag)     | [Micro-CMS v1][3]                                 | Web         | 4 / 4      |
+| Moderate (3 / flag) | [Micro-CMS v2][5]                                 | Web         | 3 / 3      |
+| Hard (9 / flag)     | [Encrypted Pastebin][12]                          | Web, Crypto | 1 / 4      |
+| Moderate (6 / flag) | [Photo Gallery][10]                               | Web         | 3 / 3      |
+| Moderate (5 / flag) | [Cody's First Blog][8]                            | Web         | 3 / 3      |
+| Easy (4 / flag)     | [Postbook][6]                                     | Web         | 7 / 7      |
+| Moderate (0 / flag) | [Ticketastic: Demo Instance][9]                   | Web         | 0 / 0      |
+| Moderate (5 / flag) | [Ticketastic: Live Instance][9]                   | Web         | 2 / 2      |
+| Easy (3 / flag)     | [Petshop Pro][7]                                  | Web         | 3 / 3      |
+| Hard (7 / flag)     | [Model E1337 - Rolling Code Lock][13]             | Web, Math   | 0 / 2      |
+| Moderate (5 / flag) | [TempImage][4]                                    | Web         | 2 / 2      |
+| Easy (2 / flag)     | [H1 Thermostat][11]                               | Android     | 2 / 2      |
+| Expert (13 / flag)  | [Model E1337 v2 - Hardened Rolling Code Lock][14] | Math        | 0 / 1      |
+| Moderate (3 / flag) | [Intentional Exercise][15]                        | Android     | 0 / 1      |
+| Moderate (4 / flag) | [Hello World!][16]                                | Native      | 0 / 1      |
+| Expert (9 / flag)   | [Rend Asunder][17]                                | Native      | 0 / 3      |
 
 [1]: https://ctf.hacker101.com/ctf
 [2]: ./a_little_something_to_get_you_started
@@ -29,4 +36,10 @@
 [8]: ./codys_first_blog
 [9]: ./ticketastic_live_instance
 [10]: ./photo_gallery
-[11]: ./h1_thermostat
+[11]: ./h1_thermostat
+[12]: ./encrypted_pastebin
+[13]: ./model_e1337-rolling_code_lock
+[14]: ./model_e1337_v2-hardened_rolling_code_lock
+[15]: ./intentional_exercise
+[16]: ./hello_world
+[17]: ./rend_asunder

encrypted_pastebin/README.md

@@ -0,0 +1,13 @@
+# Encrypted Pastebin
+
+## [Flag0](./flag0) -- Found
+
+- What are these encrypted links?
+- Encodings like base64 often need to be modified for URLs. Thanks, HTTP
+- What is stopping you from modifying the data? Not having the key is no excuse
+
+## [Flag1](./flag1) -- Not Found
+
+## [Flag2](./flag2) -- Not Found
+
+## [Flag3](./flag3) -- Not Found

encrypted_pastebin/flag0/README.md

@@ -0,0 +1,24 @@
+# Encrypted Pastebin - FLAG0
+
+## 0x00 Home
+
+![](./imgs/home.jpg)
+
+## 0x01 Try Post
+
+[http://127.0.0.1/xxxxxxxxxx/?post=6ybKGEfF47eN1k5eyj!lsraaVXFME-xBz51ocCeiAZPULUMIemubmPanqBO04ixb-01L-Qek7nUeXitmNAEMNrJ5BbfeP5GWD1hYEuHciAk81fRa4IyuvmcIG3sE1K11mM7s7hA1P1mChArqJR4i5wSrOF7O561nOHu!lGQcA1iFos-jU6x7iy-TJ4iI4yZjnHkcdXT2F9y6fH4!TY!DcA~~][1]
+
+The result page can decode the post param back to the **title** and **body**
+
+## 0x02 Modify the Param
+
+Added **12345** as prefix for param **post**
+
+[http://127.0.0.1/xxxxxxxxxx/?post=123456ybKGEfF47eN1k5eyj!lsraaVXFME-xBz51ocCeiAZPULUMIemubmPanqBO04ixb-01L-Qek7nUeXitmNAEMNrJ5BbfeP5GWD1hYEuHciAk81fRa4IyuvmcIG3sE1K11mM7s7hA1P1mChArqJR4i5wSrOF7O561nOHu!lGQcA1iFos-jU6x7iy-TJ4iI4yZjnHkcdXT2F9y6fH4!TY!DcA~~][2]
+
+Caused errors and get a flag.
+
+![](./imgs/flag.jpg)
+
+[1]: http://127.0.0.1/xxxxxxxxxx/?post=6ybKGEfF47eN1k5eyj!lsraaVXFME-xBz51ocCeiAZPULUMIemubmPanqBO04ixb-01L-Qek7nUeXitmNAEMNrJ5BbfeP5GWD1hYEuHciAk81fRa4IyuvmcIG3sE1K11mM7s7hA1P1mChArqJR4i5wSrOF7O561nOHu!lGQcA1iFos-jU6x7iy-TJ4iI4yZjnHkcdXT2F9y6fH4!TY!DcA~~
+[2]: http://127.0.0.1/xxxxxxxxxx/?post=123456ybKGEfF47eN1k5eyj!lsraaVXFME-xBz51ocCeiAZPULUMIemubmPanqBO04ixb-01L-Qek7nUeXitmNAEMNrJ5BbfeP5GWD1hYEuHciAk81fRa4IyuvmcIG3sE1K11mM7s7hA1P1mChArqJR4i5wSrOF7O561nOHu!lGQcA1iFos-jU6x7iy-TJ4iI4yZjnHkcdXT2F9y6fH4!TY!DcA~~