DEV Community

DaNeil C
DaNeil C

Posted on • Updated on

Hacker101 CTF - BugDB v1

  • CTF Name: BugDB v1
  • Resource: Hacker101 CTF
  • Difficulty: Easy
  • Number of Flags: 1

Note::: NO, I won't be posting my found FLAGS, but I will be posting the methods I used.


  • Hint:
    1. What can you see? What can you not see?
    2. What data types are involved?
    3. Have you tried querying different endpoints?
  • Acquired By:
    • This was a big odd of a hint so I started out just looking at the super blank page and looking at its code.Alt Text
    • Now that I've looked over it all I will poke around at the GraphQL tool that it is. Alt Text
    • With this CTF the left side of the page is the query and the right side is the output. This required knowing what queries GraphQL will accept soooo let's try some things. Alt TextAlt Text
    • Now I need to find the specific pattern to get alllllll of the information. Time to try some more thingsAlt Text
    • After some research and adding lots of things to the query I was able to get all the information to show up. Alt TextIf you look in the bugs of the second node ID there is a "text" field that has the flag.Alt Text


I have not played around with graphQL much so this was an interesting CTF to get me to research it more. I am looking forward to the second on and seeing how this will change.
I don't really know what I learned outside of more about GraphQL as this environment was set up for this.

Happy Hacking

Please Note that I am still learning and if something that I have stated is incorrect please let me know. I would love to learn more about what I may not understand fully.

Top comments (0)