Skip to content

KipodAfterFree/KAF-2019-FireHog

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

24 Commits
.idea
.idea
 
 
firehog
firehog
 
 
fix
fix
 
 
web
web
 
 
2019-FireHog.iml
2019-FireHog.iml
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
build.sh
build.sh
 
 
export.sh
export.sh
 
 
run-browser.sh
run-browser.sh
 
 
run-server.sh
run-server.sh
 
 

Repository files navigation

FireHog

FireHog is an information security challenge in the Web/Reversing category, and was presented to participants of KAF CTF 2019

Challenge story

A version of our CLASSIFIED browser that we use internally got leaked!

Download [FireHog.tar.gz]

Installation:

gunzip -c FireHog.tar.gz | docker load
docker run --rm -it firehog

Challenge exploit

The user receives a version of lynx that is old and modified, and has to understand what the communication with the server is all about. After that, recursive search over the whole website.

Challenge solution

Recursive search (crawler) over the given links.

Building and installing

Clone the repository, then type the following command to build the container:

You can build the whole project by typing: ./export.sh or run individual parts by running ./run-browser.sh and ./run-web.sh.

You will also need to add an /etc/hosts entry to reroute ctf.kaf.sh to localhost.

Some very important notes:

I used the following links to update some things and get old versions of things:

  1. config.sub
  2. config.guess
  3. lynx
  4. ncurses

Flag

Flag is:

KAF{n3v3r_90nna_y33t_th1s_fla9}

License

MIT License

About

No description, website, or topics provided.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages