Avatar Namaste, I'm Saraunsh Shewale from India <3. I love to hack !. Going to blog about my research in infosec, writups of CTF challenges & HTB machines and occasional life lessons !!

TCS HackQuest Season 5 | Round - 2 & 3

tcs ctf tcshackquest hackquest5 contest-based-hiring grandfinalist top10 ethicalhacking
Published on 19 Mar 2021

Hello again ! So here’s the writeup for round 2 & 3 of TCS HackQuest Season 5.

Round 2 was group discussion among 10 participants in each group. It was all about the approach taken to solve the CTF challegnes of round 1. Learnt lot from my fellow participants while we were discussing about every approach possible to solve the challenges.

Round 3 was proctored CTF round where we had to turn on the camera throughout the challenge duration. There were 3 CTF challenges & time duration was 2 hours. I managed to solve 2 and got 600 points.

After solving the CTF challenges we were given 1 hour to document everything we did to obtain the flag in a word document provided by TCS HackQuest team. So, make sure to write understandable descriptive steps that you have taken to solve the challenges & take screenshots of everything you do !!

I wrote this blog in a very beginner friendly way to help my future infosec buddies !

Following are the 2 challenges that I managed to solve in Round 3:

1. It’s Exposed !!

Flag: "hq5{50m3*pu811c}"
  1. This challenge was simple OSINT. As it was given in the challenge about company startup named – arcanehqdev. So, I ran simple google search with this keyword & got following results. image
  2. Then click on search instead & it gives 2 URLs which are related to Trello boards. Clicking on first Trello board link gives: image
  3. As we can see there’s a pastebin link shared with description as: Saved key. So, I browsed the link & got the key. image
  4. Submitting this key into the challenge website link returns the flag. image

2. A Pandemic Inhibitor

Flag: "hq5{y0u_54v3d_y0u2531f}"
  1. We are given a website link, when we visit this link we see all sorts of guidelines and basic static info on the page regarding covid-19. Viewing the source code of the page, reveals a interesting API endpoint. image
  2. When we visit this endpoint, we get the following API information that may present on the website along with the required parameters for each API call. image
  3. Now I tried all the API requests with trial & error methdology and observed the responses in burp suite. The one which gave me the flag was API: assistpersonnel.
  4. Then I capture the request in burp suite, added all the required parameters – helpingid, amount & comment. When I sent this request, the response came in as Helping ID is not registered.
  5. Then I thought of inputting my DT ID which is used to login in the TCS portal inside the parameter helpingid and guess what I got the flag in response of api request. image

Gracias & all the best !!

related posts

all tags

AD CRTP account-takeover active-directory an-post contest-based-hiring contiinued ctf cve-2021-28293 engineering-life ethicalhacking goodold-days grandfinalist hacking hackquest5 happy-transformation irish-revenue journey life-changing-movements pentesting phishing-as-a-service phishing-kits real-world red-team saitama seceon security siem-tool social-engineering tcs tcshackquest top10 vulnerability windows