COMRADE III is an easy web security challenge on CyberTalents that focuses on understanding application logic and analyzing exposed source files. The challenge requires careful inspection of the application behavior and hidden mechanisms to gain unauthorized access and retrieve the flag.

At first, we see an ordinary-looking web page. It contains nothing obviously unusual, which itself raises suspicion and suggests there might be hidden functionality behind the scenes.


I went to check the source code to see if there was anything important, but I didn't find anything noteworthy. Everything looked normal at first glance.


Then, I used the Gobuster tool to check if there were any hidden directories.


Eventually, I found the /.git directory. Immediately, I used the git-dumper tool to dump the repository and analyze its contents. This allowed me to review the source files and understand how the application works.
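Finding /.git with a directory brute-forcer is only half the story: a 200 response on /.git/HEAD proves nothing on a site whose router answers every path with the same HTML page. The following added example (my own code, not part of the write-up or the challenge) shows the check a defender can run against their own deployment: it classifies the bodies returned for /.git/HEAD and /.git/config and only reports exposure when the content is genuinely what git writes to those files. The sample responses are constructed for illustration.

```python
import re

# .git/HEAD is either a symbolic ref ("ref: refs/heads/main") or,
# for a detached HEAD, a bare 40-hex commit id.
HEAD_REF_RE = re.compile(r"^ref: refs/\S+\s*$")
HEAD_SHA_RE = re.compile(r"^[0-9a-f]{40}\s*$")


def looks_like_git_head(body: str) -> bool:
    """True if the body is the real content of a .git/HEAD file."""
    first = body.splitlines()[0] if body.strip() else ""
    return bool(HEAD_REF_RE.match(first) or HEAD_SHA_RE.match(first))


def looks_like_git_config(body: str) -> bool:
    """True if the body has the [core] section git always writes to .git/config."""
    return "[core]" in body and "repositoryformatversion" in body


def looks_like_html(body: str) -> bool:
    """Catch-all routers return an HTML page for every path; that is not a git file."""
    head = body.lstrip()[:15].lower()
    return head.startswith("<!doctype") or head.startswith("<html")


def assess_git_exposure(responses):
    """responses: {path: (status_code, body)} for the probed .git paths.

    Returns the list of paths whose content is a genuine git metadata file,
    i.e. the repository is really reachable over HTTP.
    """
    exposed = []
    for path, (status, body) in responses.items():
        if status != 200 or looks_like_html(body):
            continue
        if path.endswith("/HEAD") and looks_like_git_head(body):
            exposed.append(path)
        elif path.endswith("/config") and looks_like_git_config(body):
            exposed.append(path)
    return exposed


# Constructed sample responses (not captured from the challenge).
EXPOSED_SITE = {
    "/.git/HEAD": (200, "ref: refs/heads/master\n"),
    "/.git/config": (200, "[core]\n\trepositoryformatversion = 0\n\tbare = false\n"),
}
# A site whose router serves the front page for every unknown path.
CATCH_ALL_SITE = {
    "/.git/HEAD": (200, "<!DOCTYPE html><html><body>Home</body></html>"),
    "/.git/config": (200, "<!DOCTYPE html><html><body>Home</body></html>"),
}
# A site that blocks the directory at the web server.
FIXED_SITE = {
    "/.git/HEAD": (403, "Forbidden"),
    "/.git/config": (403, "Forbidden"),
}

if __name__ == "__main__":
    for name, site in [("exposed", EXPOSED_SITE), ("catch-all", CATCH_ALL_SITE), ("fixed", FIXED_SITE)]:
        print(name, "->", assess_git_exposure(site))
```

Once /.git/HEAD and /.git/config come back as real git files, the whole history can be reconstructed with a tool like git-dumper, including any secrets ever committed. The fix is twofold: never deploy the repository directory to the document root, and deny the /.git path at the web server as a safety net. The first check above is the regression test that the fix actually landed.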


Let's look at the ctf folder.


After dumping the repository, I listed the files and found the following: api.php, contact_process.php, index.php, and x.jpg.


After opening api.php, I found that it includes two files: access.php and index.php. The code checks if the value of the api_key cookie matches the stored API key. If the condition is true, the flag is displayed.


After reviewing contact_process.php, I noticed that the script handles user input from a contact form. Inside the code, a variable called $access is generated using bin2hex('this_is_top_secret'), which converts a hidden string into a hexadecimal value. This value appears to be an access key used by the application.

After identifying that the access key is generated using bin2hex('this_is_top_secret'), the next step was to convert this string into its hexadecimal representation. This was done using the following command:

echo -n "this_is_top_secret" | xxd -p

This command converts the string into hexadecimal and produces the following value:

746869735f69735f746f705f736563726574

Finally, when sending a request to api.php with the correct api_key cookie, the application successfully validated the key and displayed the flag.
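The root cause here is not the hex encoding but the fact that the key is a deterministic function of a string committed to source: anyone who can read the repository can regenerate it. The added example below (my own code, not the challenge's api.php or contact_process.php) reproduces the bin2hex derivation in Python, models the cookie check the write-up describes, and puts a hardened version next to it. The names check_api_key_vulnerable, check_api_key_hardened and generate_api_key are my own; the hardened variant assumes the key is generated once and stored outside the repository, for example in an environment variable.

```python
import hmac
import secrets

# The string found in the dumped source, as quoted in the write-up.
SECRET_STRING = "this_is_top_secret"


def php_bin2hex(s: str) -> str:
    """Python equivalent of PHP's bin2hex(): UTF-8 bytes to lowercase hex."""
    return s.encode("utf-8").hex()


# --- Vulnerable pattern, modelled on the write-up's description ---------------
# The "stored API key" is derived from a literal in source. Committing the
# source (and then exposing .git) hands the key to anyone who reads it.
STATIC_API_KEY = php_bin2hex(SECRET_STRING)


def check_api_key_vulnerable(cookies: dict) -> bool:
    """Mirrors the described api.php logic: cookie must equal the derived key."""
    return cookies.get("api_key") == STATIC_API_KEY


# --- Hardened pattern (assumption: key lives outside the repo) ----------------
def generate_api_key() -> str:
    """A 256-bit random key; nothing in source lets an attacker recompute it."""
    return secrets.token_hex(32)


def check_api_key_hardened(cookies: dict, stored_key: str) -> bool:
    """Constant-time comparison against a key loaded from outside the code base."""
    supplied = cookies.get("api_key", "")
    return hmac.compare_digest(supplied.encode("utf-8"), stored_key.encode("utf-8"))


if __name__ == "__main__":
    # The value any reader of the repository can recompute:
    print("derived key:", STATIC_API_KEY)
    print("vulnerable check with derived key:",
          check_api_key_vulnerable({"api_key": STATIC_API_KEY}))
    # Constructed demonstration: a freshly generated key, e.g. read from an
    # environment variable in a real deployment.
    key = generate_api_key()
    print("hardened check with correct key:",
          check_api_key_hardened({"api_key": key}, key))
    print("hardened check with derived key:",
          check_api_key_hardened({"api_key": STATIC_API_KEY}, key))
```

php_bin2hex("this_is_top_secret") returns exactly the value produced by the xxd command above, which is why the cookie worked. In the hardened variant the value the server compares against is not recoverable from the source, and the comparison itself does not leak through timing. Removing the string from source after the fact is not enough on its own, because the git history still contains it; the key has to be rotated.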


So we can see the flag:


The flag is: Flag{g!7_!5_4w350m3_XD!!}


That's it for my write-up! I really enjoyed solving this challenge. Hope you found it helpful and interesting. Stay curious and keep learning!

See you soon! 👋😄

#CyberSecurity #WebPentesting #CTF #Z3DX