h1-ctf: Hackyholidays [ h1-ctf] writeup [mission:- stop the grinch ]

Hello Team Description In the continuous series of 12 days, twelve flags were hidden inside Hackyholidays site - hackyholidays.h1ctf.com in which once we get all the flags, grinch can be stopped. This write-up will describe solving all the 12 days challenges. Step To Reproduce + It all started wh...

h1-ctf: [hackyholidays] CTF write-up

hi, this is my write-up for hackyholidays CTF. I attached the write-up in PDF format. thanks, REND Impact saving the Christmas... fix this otherwise people would be happy...

h1-ctf: [H1 hackyholidays] CTF Writeup

Hello team, Here is my CTF writeup for HackyHolidays. Main page The main page doesn't contain any interesting stuff, just a few assets. Maybe we will find some known files in webapp root: index.php, .htaccess, robots.txt, ...? robots.txt file exists, and there is the first flag: User-agent:...

h1-ctf: hackyholidays CTF Writeup

Summary: As per the referenced blog entry, the Grinch has gone hi-tech this year with the intentions of ruining the holidays. The challenge was about infiltrating the Grinch's network and take it down. As outlined on https://hackerone.com/h1-ctf, the domain hackyholidays.h1ctf.com was in scope. I...

h1-ctf: HackyHolidays H1 CTF Writeup

HackyHolidays Day 1 Once the CTF started and the Grinch released the scope hackyholidays.h1ctf.com, I started the CTF by a good old Nmap scan, to see whats running on the server. So the nmap command looked like nmap -sC -sV -oA nmap hackyholidays.h1ctf.com/. The result showed a promising entry...

h1-ctf: Successfully took down the Grinch and saved the holidays from being ruined

Beginning ---------- HackerOne's official twitter account posted a tweet on 11th December announcing 12 days of hacky holidays where we have to take down the grinch and prevent him from ruining the Christmas holidays. F1132156 Challenge 1: Something to get started...

h1-ctf: Complete destruction of the Grinch server

Hackyholidays flag 1 First flag is just a matter of reading /robots.txt file: User-agent: Disallow: /s3cr3t-ar3a Flag: flag48104912-28b0-494a-9995-a203d1e261e7 flag 2 Visiting /s3cr3t-ar3a and opening it with developer tools gets the second flag: flagb7ebcb75-9100-4f91-8454-cfb9574459f7 It is...

h1-ctf: Hackyholidays CTF writeup

Writeup for the hackyholidays CTF This CTF consisted of 12 challenges released daily in the 12 days leading up to christmas. The goal was to stop the Grinch from ruining christmas by slowly destroying the apps that he used to terrorize Santa and his elfs. The challenges were: 1. Robots.txt 2. DOM...

h1-ctf: Flags for hackyholidays CTF

Hi, Here are all the flags: 1. robots.txt: flag48104912-28b0-494a-9995-a203d1e261e7 2. s3cr3t-ar3a: flagb7ebcb75-9100-4f91-8454-cfb9574459f7 3. people-rater: flagb705fb11-fb55-442f-847f-0931be82ed9a 4. swag-shop: flag972e7072-b1b6-4bf7-b825-a912d3fd38d6 5. secure-login:...

h1-ctf: [CTF] I've DDoSed Grinch Network

Hello! Here are all 12 flags for HackyHolidays CTF: 1. flag48104912-28b0-494a-9995-a203d1e261e7 2. flagb7ebcb75-9100-4f91-8454-cfb9574459f7 3. flagb705fb11-fb55-442f-847f-0931be82ed9a 4. flag972e7072-b1b6-4bf7-b825-a912d3fd38d6 5. flag2e6f9bf8-fdbd-483b-8c18-bdf371b2b004 6...