Korean Web Challenges [Web-01]

Summary

Korean Web Challenges is a CTF challenge series with 75 web-specific challenges that grow in difficulty as you move ahead. Starting with the first challenge, I came across this single page, as you see below.

From here, the first thing to poke around was this "viewsource" link; clicking it opens a page with a bunch of PHP and HTML code.

This viewsource page is not simply the source of the HTML page we saw initially; the challenge owner created it to give us a hint about the challenge, so let's dive straight in and examine it.

CODE 1

It is PHP code:

  • Line 1 imports functions from config.php.
  • Line 2 expects a view-source GET parameter with a value of 1; on this condition it executes the view-source() function.
  • Lines 3-4 check whether a cookie named user_lv is missing from the request and, if so, generate the cookie and send it back in the response.

Up to this point the code only renders the view-source hint page when the GET parameter view-source=1 is present, and creates a cookie named user_lv with a value of 1.

CODE 2

We have skipped the HTML part since it is very basic and there is nothing catchy in it.

The second code snippet is also PHP; let's break it down:

  • Line 1: if the user_lv cookie value is not numeric, set the value to 1.
  • Line 2: if the user_lv cookie value is greater than or equal to 4, again set the value to 1.
  • Line 3: if the user_lv cookie value is greater than 3, solve it!
  • Line 4: just print user_lv as the level (XSS).

From Code 2, lines 2 and 3, it is clear that the code will crack if the user_lv value is > 3 and < 4, so the straightforward answer is any decimal number between 3 and 4, i.e. 3.1 to 3.9.

Solution

We chose 3.5, voilà! It solved 💪

Some Failed Attempts

WRONG cookie values

Even with the correct answer it yelled at me, because I forgot to log in to the challenge portal and the PHP session cookie was missing from the request.

You can try the challenge here (don't forget to log in 😄)