Defkthon CTF - Misc 200 - Writeup

Given a text file of 61366 lines with each line having values similar to

255,255,255
255,255,255
237,130,48
215,140,82
255,243,207
255,251,237

etc.

Microsoft Hackcon CTF - Challenge 8 - Email Harvesting

The question was to find all the emails of the given site. The initial page of the site showed just a link, a link to another page. That page contained 2 links both leading to 2 different pages. From that point on wards each page showed 2 different links to 2 other pages and so on. The 11th level of page showed one email id.

From this style of information, we could deduce that the arrangement is similar to that of a binary tree. Since the page at the 11th level showed the email address, there would be 2^10 ie., 1024 email ids. So we needed to design a version of binary tree traversal algorithm to get all the email ids.

Same Origin Policy and JSONP

Some days back, I was developing a mobile application that needed communication with the server. Since I was learning about node.js, I decided to give it a try and make the web app in node. Earlier I used J2EE Servlets, which seems fairly simple, but very heavyweight for my educational projects. So, I thought node.js will be a lightweight substitute. Also, I was not using the native mobile application development to develop the app on android. I was using Phonegap to make a HTML-CSS-JS based app, and used jQuery mobile to do the JS part. So I thought if I opted for node.js on server side, it will be an all Javascript project which seemed like fun.

As I started and tried to do the basic things I always try out first - Send something from client to server, do something with the data, Send back something to the client, display it - I was addressing a new problem that I was not familiar with - Same Origin Policy.