MITRE CTF 2019 - Web [50] HTTPS Certificate Valid Addresses
Skills:
Network Security70%
Key Takeaways
Solves the MITRE CTF 2019 web challenge using HTTPS certificate valid addresses
Full Transcript
[Music] what's up everybody my name is john hamid we're looking at mitre CTF the capture the flag this challenges the 50-point web challenge and it's called super secret hidden service so the challenge from here is just a link and then a URL to this IP address here and we have just low okay insert your connection that's fine we'll just roll through these as usual at exception blah blah blah but we get nothing this page says 421 site this IP address is not served on this interface control u gives us nothing right robots.txt nothing there looks like it looks like it returned it no matter what I had in there so literally whatever we enter it just tells us this is this error message so I had googled this I tried to do a little bit of a research site is not served on this interface try to Google this a little bit looks like the caddy community caddy 404 404 site on so from this interface caddy server it sounds like there's just a lot from all the research that I had done and from all the reading that I had done it was evil pretty simple or at least logical to deduce that okay maybe this is a caddy server I had done a little bit of research and understanding and I was talking with people in the discord server we were banging her head against the wall on this for a while if you aren't in the discord server you should totally come hang out that's an awesome think tank and someone had said like how many would solved it and I said there's literally everything that you need is on the web page I'm like what the f what does that mean what the garbage so I googled this more look through it and I try to think of like am I missing something is there something clever that I'm just not seeing just I couldn't tell what it was and then eventually I my eyes came back to the certificate and I was wondering why is this HTTPS when all the other challenges it seemingly anyway now in hindsight now that I've gone through more of them but they're just regular HTTP if it's HTTP in a CTF challenge like if you're seeing SSL or HTTPS in a capture the flag like tasks it's there for a reason like everything that's in a CTF challenge has got to be there for a reason so why some of my Google search some of my readings had stumbled upon one kind of this this link it specifically it said riccati serves wrong as this el surfer site that's not served on an HTTP port and I thought this was odd because they're being read about it and then I went through and they mentioned there etc host file and I was like oh my god is this like some virtual host thing is that is that not served on this interface kind of a tip of the hat or a nudge to oh it needs a domain or it needs something specific as that's a virtual hosting thing and then I was like Oh domains right domains are stored in the certificate so I'm like okay let me dig this out let me let me actually open this up let's see what this certificate is if I check out more information on this thing looks like a website view certificate it's a caddy cell sign okay so that confirmed that is caddy and I opened up the view certificate got some details here we can explore it I just try to look through each of these to see if I get anything interesting like a domain name or something and then eventually I found okay we have a DNS name in the salt named the certificate subject of 138 the IP address dot X I Pio and I was like what is that do I need to set that in my server host file and I added it in and mess with it turns out I didn't need to do that now that I've kind of relived this challenge a couple times over again but it's funny had I actually just looked at that originally like had I read through the prompt to access this on an insecure setup like if I open Firefox again just create a new prompt a new page for let's go to that location and I don't know if I maybe I need to close this other Firefox I'll do it you know what I'll do it for you guys just for you let's go to this location okay let's remove this certificate it's probably all I needed to do I'm an idiot exception great so having seen this prompt now if had I not just steamroll over like we always tend to it says the you nor the owner of this site has configured their website improperly let's check out the advanced stuff it says this uses an invalid security certificate the certificate is not trusted because it's self signed at that I would expect the certificate is only valid for this so I'm like okay that must be a thing I didn't know if I needed to set an IP address forward and set for host file eventually I just tried let's go to this location let's try and open that in our URL address bar so HTTP though right because it needs to have that certificate so I entered that and this tells me oh your connections not secure check out advanced but it says the certificate is not trusted because it's self signed it doesn't matter it seems to at least be valid right so add exception yeah okay let's do it and there's the flag like that's it I didn't I from what I understand there were a lot of people that were like tweaking out over this thing like the site's not loading for me the page isn't working what's going wrong etc and just kind of need to be really SuperDuper observant and everything in the page check out the certificate always check out a certificate if it exists and that's honestly my like learning takeaway right now is if you're given a certificate in a CTF problem it's probably there for a reason so dig through it is does it have a domain name does it have any other information email addresses user names stuff that you might just find any information you can like latch on to and that's that it gave us this IP address and some of the research helped us find with caddy and stuff and that's great that is also necessary doing the research and just banging your head against the wall but that's that that's that challenge you can submit that get some points and thanks for watching guys hope you enjoyed this this is a lot of fun I love recording these videos I hope you guys really enjoy watching them thank you so much I'm looking forward to join into the next CTF I think Tambu CTF is gonna start we're already did start but now that minor CTF is over I'm gonna jump into that so thanks for watching guys if you liked this video please do like comment and subscribe hope to see you in the next video love to see on the discord server I'd love to see you on patreon PayPal thank you thank you never said enough [Music]
Original Description
If you would like to support me, please like, comment & subscribe, and check me out on Patreon: https://patreon.com/johnhammond010
E-mail: johnhammond010@gmail.com
PayPal: http://paypal.me/johnhammond010
GitHub: https://github.com/JohnHammond
Site: http://www.johnhammond.org
Twitter: https://twitter.com/_johnhammond
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from John Hammond · John Hammond · 0 of 60
← Previous
Next →
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
Code Commentaries? PHP to JavaScript in Bash and PHP!
John Hammond
Tutorials? MySQL connection with PHP and Bash!
John Hammond
Variable Naming in Python! Happy Birthday, Linux! Nokia N900!
John Hammond
JavaScript Splits The URL!
John Hammond
HTML Tables in Python!
John Hammond
HTML, Net Shares, GML!
John Hammond
Python 08 Programming Style and Comments
John Hammond
Python 26 Object Oriented Programming
John Hammond
75 Python Tutorials, Out Now!
John Hammond
Batch 14 Mathematical Expressions
John Hammond
Batch 85 Array Append
John Hammond
Batch 86 Array Count
John Hammond
Batch 87 Array Index
John Hammond
Batch 88 Array Insert
John Hammond
Batch 89 Array Remove
John Hammond
Batch 90 Array Reverse
John Hammond
Python [colorama] 00 Installing on Linux
John Hammond
Python [colorama] 09 Cursor Position
John Hammond
Python [hashlib] 02 Algorithms
John Hammond
Python 00 Installing IDLE on Linux
John Hammond
Python [pygame] 11 Rectangular Collision Detection
John Hammond
Python [pygame] 12 Platforming Rectangular Collision Resolution
John Hammond
Python [XML-RPC] 01 Research
John Hammond
Python [pyenchant] 03 Personal Word Lists
John Hammond
FancyURLopener Authentication and User-Agent [urllib] 03
John Hammond
Python 04: PEP8 Coding
John Hammond
Python Challenge! 17 COOKIES
John Hammond
Google CTF 2016: Ernst Echidna
John Hammond
Google CTF 2016: Spotted Quoll
John Hammond
Google CTF 2016: Can you Repo It?
John Hammond
Google CTF 2016: No Big Deal
John Hammond
Google CTF 2016: In Recorded Conversation
John Hammond
Homemade CTF Challenge: 01 "Orchestra"
John Hammond
Homemade CTF Challenge: 02 "Bae's Base"
John Hammond
Homemade CTF Challenge: 03 "Web Hunt"
John Hammond
Homemade CTF Challenge: 04 "UPX"
John Hammond
Homemade CTF Challenge: 05 "The Assumption Song"
John Hammond
Homemade CTF Challenge: 06 "A Brisk Stroll"
John Hammond
Homemade CTF Challenge: 06 "I lost my password!"
John Hammond
web25 :: Mr. Robot : EKOPARTY CTF 2016
John Hammond
web50 : RFC 7230 :: EKOPARTY CTF 2016
John Hammond
misc50 : Hidden inside EKO :: EKOPARTY CTF 2016
John Hammond
Hack The Vote 2016 CTF: Sander's Fan Club [web100]
John Hammond
Hack The Vote 2016 CTF Warpspeed [forensics150]
John Hammond
Juniors CTF 2016 :: Black Suprematic Square
John Hammond
Juniors CTF 2016 :: Six Strange Tales
John Hammond
Juniors CTF 2016 :: Lost Code
John Hammond
Juniors CTF 2016 :: Here Goes!
John Hammond
Juniors CTF 2016 :: Southern Cross
John Hammond
Juniors CTF 2016 :: Clone Attack
John Hammond
Juniors CTF 2016 :: Dirty Repo
John Hammond
Juniors CTF 2016 :: Hackers Blog
John Hammond
Juniors CTF 2016 :: Voting!!!
John Hammond
Juniors CTF 2016 :: The Good, The Bad and The Junkman
John Hammond
Juniors CTF 2016 :: Stop Thief!
John Hammond
Juniors CTF 2016 :: ROFL
John Hammond
Juniors CTF 2016 :: Restriced Area
John Hammond
Juniors CTF 2016 :: Oh SSH!
John Hammond
HackCon CTF 2017 TRIVIA and BONUS Challenges
John Hammond
HackCon CTF 2017 "Bacche" Challenges
John Hammond
More on: Network Security
View skill →Related AI Lessons
⚡
⚡
⚡
⚡
Cyber Hygiene: The Everyday Habits That Protect Your Digital Life
Medium · Cybersecurity
I found 10 bugs in my own security scanner. Here's what they taught me about false positives.
Dev.to · Zein Saleh
Sudden SSL Error for github pages custom domain website
Reddit r/webdev
Reverse-proof protector
Medium · Cybersecurity
🎓
Tutor Explanation
DeepCamp AI