AmateursCTF 2023 - waiting an eternity

Description

Category: web

My friend sent me this website and said that if I wait long enough, I could get a flag! Not that I need a flag or anything, but I’ve been waiting a couple days and it’s still asking me to wait. I’m getting a little impatient, could you help me get the flag?

Link: waiting-an-eternity.amt.rs

Resolution

We go to the page and we get:

just wait an eternity

We inspect the response and find a secret URL in the `refresh` response header:

content-length: 21
content-type: text/html; charset=utf-8
date: Tue, 18 Jul 2023 20:05:37 GMT
refresh: 1000000000000000000000000000000000000000000000000000000000000000000000000000000000000000; url=/secret-site?secretcode=5770011ff65738feaf0c1d009caffb035651bb8a7e16799a433a301c0756003a
server: gunicorn

We go to https://waiting-an-eternity.amt.rs/secret-site?secretcode=5770011ff65738feaf0c1d009caffb035651bb8a7e16799a433a301c0756003a

And we need to wait again:

you have not waited an eternity. you have only waited 2.620063066482544 seconds

We notice that the time is set in the cookie:

Cookie: time=1689711043.186983

The server is probably computing the waited time with:

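\[\text{waited\_time} = \text{current\_time} - \text{cookie\_time}\]

The server is gunicorn, so the backend is Python, and Python's `float()` accepts the string `-inf`. Let’s change the time to -inf so that \(\text{waited\_time} = \infty\).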

Cookie: time=-inf

And we get the flag: amateursCTF{im_g0iNg_2_s13Ep_foR_a_looo0ooO0oOooooOng_t1M3}
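
The check guessed at above, next to a hardened version, as an added example (not the challenge's source, which is not shown on this page). All function names and `SECRET_KEY` are hypothetical, and the sample timestamps are constructed.

```python
import hashlib
import hmac
import math

# Hypothetical names throughout; the challenge's real code is not on the page.
SECRET_KEY = b"constructed-demo-key"  # constructed value for this demo


def waited_vulnerable(cookie_time: str, now: float) -> float:
    """The check the write-up guesses at: parse the client's cookie with float()."""
    # float() accepts "inf", "-inf" and "nan", so the client chooses the result.
    return now - float(cookie_time)


def _tag(value: str) -> str:
    return hmac.new(SECRET_KEY, value.encode(), hashlib.sha256).hexdigest()


def issue_cookie(now: float) -> str:
    """Hardened issuer: bind the start time to an HMAC the client cannot forge."""
    value = repr(now)
    return f"{value}.{_tag(value)}"


def waited_hardened(cookie: str, now: float) -> float:
    """Hardened check: verify the tag, then reject non-finite or future times."""
    value, _, tag = cookie.rpartition(".")  # tag is hex, so the last dot splits it off
    if not hmac.compare_digest(tag.encode(), _tag(value).encode()):
        raise ValueError("cookie was not issued by this server")
    start = float(value)
    if not math.isfinite(start) or start > now:
        raise ValueError("timestamp out of range")
    return now - start


if __name__ == "__main__":
    now = 1689711045.8  # constructed "current time"
    print(waited_vulnerable("1689711043.186983", now))  # a few seconds
    print(waited_vulnerable("-inf", now))               # infinite wait
    print(waited_hardened(issue_cookie(now - 2.0), now))
    for forged in ("-inf", "-inf." + "0" * 64):
        try:
            waited_hardened(forged, now)
        except ValueError as exc:
            print("rejected:", exc)
```

Signing the value is what stops the tampering; the finiteness and range check is a second layer in case a bad value is ever signed. Keeping the start time in server-side session state avoids the problem entirely.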

This post is licensed under CC BY 4.0 by the author.