DEV Community

DaNeil C
DaNeil C

Posted on • Edited on

4 1

Hacker101 CTF - BugDB v2

  • CTF Name: BugDB v2
  • Resource: Hacker101 CTF
  • Difficulty: Easy
  • Number of Flags: 1

Note::: NO, I won't be posting my found FLAGS, but I will be posting the methods I used.


Flag0

  • Hint:
    1. What has changed since last version?
    2. What do the queries tell you?
    3. Have you tried a mutation?
  • Acquired By:
    • This starts out the same a v1 so I first wanted to just poke around again and see if the same queries would work. The final script from the last challenge didn't work but working backwards from the errors I did get some information to show.Alt Text This allowed me to see that there was an "admin" and "victim" user but how to exploit this?
    • Now I wanted to play with the Bugs reports as I am guessing that that is where the flag is again. After some relocating of the "allBugs" query I noticed that it was missing a report from the victim. I bet it is set to private so how do I get it? Alt Text
    • Based on the third hint I need to learn more about GraphQL mutations. Mutations involve its own query where you mutate the Bugs private field. This will involve a mutation function that will change the private field to false and then re-running the previous query to view all the bug texts. Alt Text

Thoughts/Learned

I learned a bit more about GraphQL and manipulating them but I have a gap as to the practical application of this. I am venturing to guess that because of the nature of GraphQL to give a LOT of information that it is a matter of manipulating the shown image blindly (or based off a known user) to find information that might be there but not directly viewable, yet.


Happy Hacking

Please Note that I am still learning and if something that I have stated is incorrect please let me know. I would love to learn more about what I may not understand fully.

Image of Timescale

Timescale – the developer's data platform for modern apps, built on PostgreSQL

Timescale Cloud is PostgreSQL optimized for speed, scale, and performance. Over 3 million IoT, AI, crypto, and dev tool apps are powered by Timescale. Try it free today! No credit card required.

Try free

Top comments (1)

Collapse
 
eyokfla profile image
eyokfla

Thank you so much for your precious help, now i start to figure out those CTF. Two weeks ago i didn't undertood the point with these games now i undestand that we have to analyse and test everything possible! God bless you!

Billboard image

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay