TCS HACKQUEST PLAYGROUND WALKTHROUGH


Hello Hackers! I hope you're doing well. This blog is a part of KeyCybr Internship.

Recently I came across the TCS Hackquest Playground, and here I'll be giving an insight into the solution for the same.

The link to register for the same is https://play.tcshackquest.com/register 

This playground is like a warm-up before the actual TCS Hackquest, which is probably scheduled for January 2022.

Let's dive into the challenges.


Challenge 1: Time to play with J.S. 

As you click on "Link here" you'll be redirected to a page that looks like 



You'll have to enter the value here to get the flag. Now, since there's nothing visible on the page, the fundamental thing that should strike you must be viewing the page source!

As you visit the page source, you'll see



The variable contains a base 64 string. On decoding it with the base 64 decoder




You'll get submitthis: {text_to_be_submitted}

As you submit the text and click on Retrieve the Flag, you'll receive your first flag!






Challenge 2: The Flash



As you click on "Gone in a Flash," you'll see a page refresh 10 times in front of your eyes, and you may feel helpless as you won't be able to stop it :P

However, to overcome this, you just need to use burpsuite or zap proxy. 

Intercept request for each uuid and view the response for the same. 

In one of the responses, you'll find the flag!




 Challenge 3: The Elawn Musk



Download the Tweet collection CSV file.

As we analyze the file, you'll find 

and you'll also see 




Now you have the text and the key. All we need to find out is the method of encryption.


From this line, it seems as if we have ECB. On doing further research, you'll come to know that encryption is AES 128 bit ECB mode encryption.

All you have to do is remove the first 8 bits of plain text and use the key.




After doing the same, you'll get a base 64 string. You'll bring plain text on decoding it, which you'll need to enter on the page given in the challenge.

 




Thus you'll get the final flag for the challenge as well.

Overall, the last challenge was a bit tricky, whereas the initial two challenges were comparatively easy.


P.S. Apologies for the blurry images😔. However, I hope that the content covered that up😄


If you like the content, consider connecting with me and pour your knowledge into my D.M.!!😇

Instagram: bhavak_29

LinkedIn: https://www.linkedin.com/in/bhavak-kotak-3b6b071b1/

"Images belong to their respective owners."

Comments

Post a Comment

Popular posts from this blog

Defeating RootME

Image
Hello hackers, Recently I started practicing on  Tryhackme  and came across this easy yet interesting machine named RootME by  ReddyyZ . I strongly recommend the beginners to try this machine out as it would clear the following several concepts of yours one of them being how to bypass file upload functionality and gain a reverse shell on the target system. Not only that, but you'll also have a basic idea about how privilege escalation works. So without taking up any more time of yours, let's jump into the walkthrough.                                                                                        : TASK 1 : Deploying the machine😅 While some of you might think what madness this is we already know that!! My dear friend, you're free to skip this portion then😊😌. Step 1: Connect to OpenVPN [Check the OpenVPN room so that you have an idea] Command used: openvpn {your openvpn file}   Step 2: Click on Start Machine or Start Attack Box. [ I think you can do this:) ] Step
Read more

Networking 101: The OSI Model

Image
 In the last couple of writeups, we talked about various things related to protocols, IP addresses, MAC Addresses, etc. We used the term layers and we talked about various layers like layer 2, layer 3, etc for various terms and protocols and addresses. Here's where all these layers lie and it is the model that comprises of and gives information about these layers. We are going to talk about the OSI Model. OSI stands for Open System Interconnection and as the name suggests OSI model sets standards for the systems that are open to communicating with other systems. Sometimes during technical discussions, a switch may be referred to as layer 2 or a router as layer 3 so it is extremely important to have a good idea about the OSI model. The OSI model comprises 7 layers. An easy way to remember them is a sentence that goes like A P enguin S aid T hat N obody D rinks P epsi. (Top to bottom order) (If you're a Pepsi lover please don't get offended this is just for the sake of reme
Read more