From af78ce4a2b3e049a8d8bc9d16ea75a0b63286020 Mon Sep 17 00:00:00 2001
From: Abhinav I S <abhinavis2005@gmail.com>
Date: Mon, 2 Sep 2024 19:59:27 +0530
Subject: [PATCH] added content

---
 content/writeups/2024-09-02-316_writeup.md | 194 +++++++++++++++++++++
 content/writeups/RVCExIITBFinals/_index.md |   1 -
 content/writeups/_index.md                 |   2 +-
 3 files changed, 195 insertions(+), 2 deletions(-)
 create mode 100644 content/writeups/2024-09-02-316_writeup.md

diff --git a/content/writeups/2024-09-02-316_writeup.md b/content/writeups/2024-09-02-316_writeup.md
new file mode 100644
index 0000000..0c079d6
--- /dev/null
+++ b/content/writeups/2024-09-02-316_writeup.md
@@ -0,0 +1,194 @@
++++
+title = "316 CTF"
+date = 2024-09-02
+authors = ["Achintya Jai"]
++++
+
+# 316 CTF writeup
+
+challenges over at: https://316ctf.com/
+
+#### This CTF challenge requires you do a lot of hashcracking. The way you would generally approach this is using 
+
+1. John the ripper
+2. Hashcat
+
+But an unconventional approach would be to use this python script and let it run overnight. This will solve all the problems for you. 
+
+Note: Works on linux machines. Run this bash script first to install the necessary dependencies
+
+		#!/bin/bash
+
+		error_exit() {
+		    echo "$1" 1>&2
+		    exit 1
+		}
+
+		# Check if pip is installed
+		if ! command -v pip &> /dev/null
+		then
+		    error_exit "pip could not be found. Please install pip first."
+		fi
+
+		# Check if Selenium is already installed
+		if pip show selenium &> /dev/null
+		then
+		    echo "Selenium is already installed."
+		fi
+
+		echo "Installing Selenium..."
+		if pip install selenium
+		then
+		    echo "Selenium installed successfully."
+		else
+		    error_exit "There was an issue installing Selenium. Check the traceback above for details."
+		fi
+
+		CHROMEDRIVER_URL="https://storage.googleapis.com/chrome-for-testing-public/127.0.6533.72/linux64/chromedriver-linux64.zip"
+		DESTINATION_DIR="$HOME/Desktop"
+
+		TEMP_DIR=$(mktemp -d)
+
+		if ! command -v curl &> /dev/null
+		then
+		    error_exit "curl could not be found. Please install curl first."
+		fi
+
+		if ! command -v unzip &> /dev/null
+		then
+		    error_exit "unzip could not be found. Please install unzip first."
+		fi
+
+		echo "Downloading ChromeDriver..."
+		if curl -L "$CHROMEDRIVER_URL" -o "$TEMP_DIR/chromedriver.zip"
+		then
+		    echo "Download complete."
+		else
+		    error_exit "Failed to download ChromeDriver."
+		fi
+
+		echo "Unzipping ChromeDriver..."
+		if unzip "$TEMP_DIR/chromedriver.zip" -d "$TEMP_DIR"
+		then
+		    echo "Unzipping complete."
+		else
+		    error_exit "Failed to unzip ChromeDriver."
+		fi
+
+		if mv "$TEMP_DIR/chromedriver-linux64/chromedriver" "$DESTINATION_DIR"
+		then
+		    echo "ChromeDriver moved to $DESTINATION_DIR."
+		else
+		    error_exit "Failed to move ChromeDriver to $DESTINATION_DIR."
+		fi
+
+		rm -rf "$TEMP_DIR"
+
+		echo "ChromeDriver installation completed successfully."
+
+		# URL of the latest Google Chrome for Linux
+
+		DESTINATION_DIR="/opt/google/chrome"
+
+		TEMP_DIR=$(mktemp -d)
+
+		# Ask the user if they have Google Chrome installed
+		read -p "Do you already have Google Chrome installed? (Y/N): " has_chrome
+
+		if [[ "$has_chrome" =~ ^[Yy]$ ]]
+		then
+		    echo "You already have Google Chrome installed. Exiting the script."
+		    exit 0
+		fi
+
+		echo "Downloading Google Chrome..."
+		if wget -q -O google-chrome-stable_current_amd64.deb https://dl.google.com/linux/direct/google-chrome-stable_current_amd64.deb
+		then
+		    echo "Download complete."
+		else
+		    error_exit "Failed to download Google Chrome."
+		fi
+		echo "Following requires your sudo password"
+		sudo dpkg -i google-chrome-stable_current_amd64.deb
+
+		echo "Google Chrome installation completed successfully."
+
+
+Make sure you say "N" to having chrome. This is because it requires the specific version which you may not have. After this you can run this python script.
+
+Just make sure to enter your **email address** and **password** in the script for a smooth login. 
+
+		#!/usr/bin/env python3
+
+		import time
+		from selenium import webdriver
+		from selenium.webdriver.common.by import By
+		from bs4 import BeautifulSoup
+		from selenium.webdriver.support.ui import WebDriverWait
+		from selenium.webdriver.support import expected_conditions as EC
+		from selenium.common.exceptions import TimeoutException
+
+		print('wait...')
+		
+		home_directory = os.path.expanduser("~")
+		file_path = os.path.join(home_directory, "Desktop" , "chromedriver")
+		
+		service = webdriver.ChromeService(executable_path= file_path) # path to chromedriver executable
+		driver = webdriver.Chrome(service = service)
+
+		email = ''
+		password = ''
+
+		login_url = f'https://play.316ctf.com/login'
+		driver.get(login_url)
+		driver.find_element(By.NAME,'name').send_keys(email)
+		driver.find_element(By.NAME,'password').send_keys(password)
+		driver.find_element(By.NAME, "_submit").click()
+
+		def open_file(file_path):
+			with open(file_path,'r') as fp:
+				possible_passwords = fp.readlines()
+			return possible_passwords
+
+		file_path = r'/home/.../dictionary-list.txt' # path to dictionary list
+		possible_passwords = open_file(file_path)
+
+		def start_page():
+			challenge_url = 'https://play.316ctf.com/challenges#Huntsville%20#1-121'
+			driver.get(challenge_url)
+			delay = 3 #seconds
+			try:
+				myElem = WebDriverWait(driver,delay).until(EC.presence_of_element_located((By.ID, 'challenge-input')))
+			except TimeoutException:
+				print('page took too long')
+
+		start_page()
+
+		for password in possible_passwords:
+			possible_answer = password
+			driver.find_element(By.ID, 'challenge-input').send_keys(possible_answer)
+			driver.find_element(By.ID, 'challenge-submit').click()
+			time.sleep(0.9)
+			result = driver.find_element(By.ID, 'result-message').text
+			if result == 'correct':
+				print(f'GOT IT: {password}')
+				break
+			elif result == "You're submitting flags too fast. Slow down.":
+				print(f'too fast: {password}')
+				driver.refresh()
+				start_page()
+				time.sleep(5)
+			else:
+				print(f'WRONG: {password}')
+			answer_field = driver.find_element(By.ID, 'challenge-input')
+			answer_field.clear()
+			time.sleep(1)
+
+If you want to go the more traditional way then the following would help you
+
+    hashcat -m 0 -a 0 hash.txt dictionary-list.txt --show
+
+Just run
+
+    hashcat --help
+to understand the possible things this boy can do.
\ No newline at end of file
diff --git a/content/writeups/RVCExIITBFinals/_index.md b/content/writeups/RVCExIITBFinals/_index.md
index b2ab95a..f26999c 100644
--- a/content/writeups/RVCExIITBFinals/_index.md
+++ b/content/writeups/RVCExIITBFinals/_index.md
@@ -6,4 +6,3 @@ sort_by = "date"
 page_template = "blog-page.html"
 redirect_to = "writeups/RVCExIITBFinals/writeup"
 +++
-
diff --git a/content/writeups/_index.md b/content/writeups/_index.md
index 217ed7f..c32c7ac 100644
--- a/content/writeups/_index.md
+++ b/content/writeups/_index.md
@@ -8,4 +8,4 @@ page_template = "blog-page.html"
 
 ## CTF writeups
 
-- [RVCE x IITB CTF Finals](./RVCExIITBFinals/writeup)
+- [RVCExIITBCTF](./RVCExIITBFinals)