<script type="text/javascript" src="http://braaaains.hack.lu/bloody.js"></script>This clearly does not work as a web browser can't figure out how to resolve the domain name. A quick nslookup, however, reveals that braaaains.hack.lu only has in IPv6 address - 2002:95:d:21:4a::1. This IPv6 address also does not respond to web traffic, which causes us to examine the construction of the IPv6 address.
The 2002 prefix belongs to the "6to4 addressing" IPv6 range of address, which means we can extract an IPv4 address from the IPv6 Address.
95:d:21:4a = 149.13.33.74, which is the IP Address of ctf.fluxfingers.netSo, we next tried to navigate to http://149.13.33.74/bloody.js, but it gives us a file not found error. We fumbled around for a bit here before we decided that braaaains.hack.lu was actually important so we changed the HOST header of our HTTP request as it was outbound to be braaaains.hack.lu instead of 149.13.333.74 and we got back a result with just one thing on it: IcanSmellBigBrainsARRRRR. -- suntzu_II
No comments:
Post a Comment