SAARC - CTF 90

IHC Blog

CTF Name: SAARC

Topic: Web Exploitation

Flag Format: ICTF{}

Description:

SAARC is a South Asian association. There are 8 countries. You can get all the country details on this site. But do you know about SAARC?

Website: https://ictf.ihcbd.xyz/SAARC/

Solution:

When we visit the challenge URL, we see eight country names. Opening the first country shows that the country pages are numbered in the URL, starting at 2.php and ending at 9.php.

However, I decide to access 1.php instead. Selecting all the text on the page reveals white-colored text that was previously invisible. The text says, "Flag: You are not admin."

To obtain the flag, I need to become an admin. I check the cookies and find one named "type" with the value "user". The page decides who is an admin from this cookie alone, and the browser controls its value, so I replace "user" with "admin", save the change, and reload the page. The page then shows the flag.

Flag: ICTF{544RC_1N_4514}
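The root cause is a role stored in a cookie that the server trusts as-is. The following added example (not the challenge's code, which the page does not show) assumes a check of that shape and sets it beside a hardened variant that binds the role to the session with an HMAC; the names `sid`, `SECRET_KEY`, `issue_role_cookie` and both check functions are hypothetical.

```python
import hashlib
import hmac
import secrets

# Constructed server-side secret for the demo; it is never sent to the client.
SECRET_KEY = secrets.token_bytes(32)


def is_admin_vulnerable(cookies: dict) -> bool:
    """Assumed shape of the challenge's check: the role is read straight
    from a cookie whose value the browser controls."""
    return cookies.get("type") == "admin"


def _tag(session_id: str, role: str) -> str:
    """HMAC-SHA256 over 'session_id|role', hex encoded."""
    msg = f"{session_id}|{role}".encode()
    return hmac.new(SECRET_KEY, msg, hashlib.sha256).hexdigest()


def issue_role_cookie(session_id: str, role: str) -> str:
    """Cookie value 'role.tag', issued by the server after login."""
    return f"{role}.{_tag(session_id, role)}"


def is_admin_hardened(cookies: dict) -> bool:
    """Accept the role only if its tag verifies for this session."""
    session_id = cookies.get("sid", "")
    role, _, tag = cookies.get("type", "").partition(".")
    expected = _tag(session_id, role)
    # Compare as bytes in constant time; editing role or sid breaks the tag.
    valid = hmac.compare_digest(tag.encode(), expected.encode())
    return valid and role == "admin"


def demo() -> dict:
    sid = "s-1001"  # constructed session id
    user_tag = issue_role_cookie(sid, "user").split(".", 1)[1]
    admin_cookie = issue_role_cookie(sid, "admin")
    return {
        "vulnerable, cookie edited": is_admin_vulnerable({"type": "admin"}),
        "hardened, cookie edited": is_admin_hardened({"sid": sid, "type": "admin"}),
        "hardened, role swapped": is_admin_hardened({"sid": sid, "type": f"admin.{user_tag}"}),
        "hardened, issued admin": is_admin_hardened({"sid": sid, "type": admin_cookie}),
    }


if __name__ == "__main__":
    for case, result in demo().items():
        print(f"{case}: {result}")
```

Keeping the role in server-side session state, keyed by an unguessable session id, avoids putting it in a cookie at all.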
