Nuit du Hack 2014 Quals - Onions rings (misc 150)

Since I was the Tor use/promoter and has a Tor sticker on my laptop, I was the one in charge of this challenge.

A new black market has appeared and has been targeted by the FBI. After checking for suspicious posts on stackoverflow and finding nothing, they give up and are offering a bounty to anyone who can get information on the server that is hosting the hidden service.

The url was http://mq72g4732yorslzf.onion/

It's a Tor hidden service, for a black market.

onion_market_ndh

We were authorised to change our avatar, either by providing, an image from our computer, or from an url. The image is then encoded in base64, and displayed by the mean of data:image/gif:base64,...

onion_market_ndh

I tried to include http://mq72g4732yorslzf.onion/flag.php, or index.php, or config.php, or ...

Then I realised that the admin may have been lazy, and didn't set up the server to resolve Tor domains. I included 127.0.0.1:80, and tadaaaaa:

onion_market_ndh

This is what the unbase64 file looks like:

onion_market_ndh

Flag: 0hSh1t1r4n0ut0fn00dl35

Artificial truth

The more you see, the less you believe.

Nuit du Hack 2014 Quals - Onions rings (misc 150)
Sun 06 April 2014 — download