KashiCTF SuperFastAPI - Hint Challenge 2

The document is a write-up by a Cyber Security student detailing their experience with a web challenge involving an API. The challenge included four endpoints, and the author successfully created a user and updated their role to admin to access a flag, ultimately earning 200 points. The write-up aims to guide beginners through the process of solving the challenge.

KashiCTF SuperFastAPI — Web challenge

Shubhamkhatang · 2 min read · Feb 24, 2025

Hello, it's me Shubham, a Cyber Security student and a CTF player.
Although this was a basic web challenge, I still decided to make a write-up for beginners.

So we basically get the base URL of an API. On opening the base URL we get:

So I started trying different API endpoints, and on /docs# I got the documentation of the API.

So we have 4 endpoints:

1. GET /get/{username} — Get User Details.
2. POST /create/{username} — Create a new User.
3. PUT /update/{username} — Update User Details.
4. GET /flag/{username} — Get the Flag.

So I decided to create a user using the create endpoint. I used curl to create a new user (the original was missing the line continuation after -X POST, which is restored here):

curl -X POST \
  http://kashictf.iitbhucybersec.in:26271/create/iMazik \
  -H "Content-Type: application/json" \
  -d '{
    "fname": "John",
    "lname": "Doe",
    "email": "[email protected]",
    "gender": "Male"
  }'

and I got the output: {"message":"User created sucessfully"}

As soon as the user was created, I tried to access the flag endpoint using

http://kashictf.iitbhucybersec.in:62139/flag/iMazik

but my excitement ended within seconds when I got the error:

{"error":"Only for admin"} 🥲


Now, upon reviewing the endpoints, I thought to try the update endpoint for my user and update the role to admin. So I wrote a curl command to do that, and I got the response as user created.
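The weakness behind this step is that the update endpoint copied whatever JSON keys the client sent onto the stored user, so a client-supplied "role" was honoured (mass assignment leading to broken access control). The block below is an added example, not the challenge's own code and not FastAPI: it models the four endpoints as plain Python functions over an in-memory dict so the vulnerable update handler and an allow-list hardened one can be run side by side. Function names, the user store, the email address and the flag string are all assumptions of this example.

```python
"""Added example: the update-role weakness from the write-up, modelled in plain Python.

Not the challenge's code. The four endpoints become functions over a dict:
- update_user_vulnerable() copies every client key onto the user, so "role" is
  client-controlled (the behaviour the write-up relied on).
- update_user_hardened() applies only an allow-list of profile fields and rejects
  requests carrying anything else, so "role" stays server-assigned.
All names and values here are assumptions; the flag is a constructed placeholder.
"""
from dataclasses import dataclass, asdict
from typing import Any, Dict

# Fields a user may change about themselves; "role" is deliberately absent.
ALLOWED_UPDATE_FIELDS = frozenset({"fname", "lname", "email", "gender"})
FLAG = "KashiCTF{placeholder-not-the-real-flag}"  # constructed placeholder


@dataclass
class User:
    username: str
    fname: str
    lname: str
    email: str
    gender: str
    role: str = "user"  # server-assigned; never taken from the request body


UserStore = Dict[str, User]


def create_user(store: UserStore, username: str, payload: Dict[str, Any]) -> Dict[str, Any]:
    """POST /create/{username}: every new user gets the fixed 'user' role."""
    if username in store:
        return {"error": "User already exists"}
    missing = [f for f in ("fname", "lname", "email", "gender") if f not in payload]
    if missing:
        return {"error": "Missing fields", "missing": missing}
    store[username] = User(username, payload["fname"], payload["lname"],
                           payload["email"], payload["gender"])
    return {"message": "User created successfully"}


def get_user(store: UserStore, username: str) -> Dict[str, Any]:
    """GET /get/{username}."""
    user = store.get(username)
    return asdict(user) if user else {"error": "User not found"}


def update_user_vulnerable(store: UserStore, username: str, payload: Dict[str, Any]) -> Dict[str, Any]:
    """PUT /update/{username} as the write-up found it: mass assignment."""
    user = store.get(username)
    if user is None:
        return {"error": "User not found"}
    for key, value in payload.items():
        if hasattr(user, key):
            setattr(user, key, value)  # a client-sent "role" lands here unchecked
    return {"message": "User updated successfully"}


def update_user_hardened(store: UserStore, username: str, payload: Dict[str, Any]) -> Dict[str, Any]:
    """PUT /update/{username} with an allow-list; any other key is rejected."""
    user = store.get(username)
    if user is None:
        return {"error": "User not found"}
    rejected = sorted(set(payload) - ALLOWED_UPDATE_FIELDS)
    if rejected:
        # Rejecting loudly (instead of silently dropping the key) yields a
        # response and log line a defender can alert on.
        return {"error": "Field not updatable", "rejected_fields": rejected}
    for key in ALLOWED_UPDATE_FIELDS & set(payload):
        setattr(user, key, payload[key])
    return {"message": "User updated successfully"}


def get_flag(store: UserStore, username: str) -> Dict[str, Any]:
    """GET /flag/{username}: only the admin role may read the flag."""
    user = store.get(username)
    if user is None:
        return {"error": "User not found"}
    if user.role != "admin":
        return {"error": "Only for admin"}
    return {"flag": FLAG}


PROFILE = {"fname": "John", "lname": "Doe",
           "email": "john.doe@example.invalid", "gender": "Male"}  # constructed


def demo(update_handler) -> bool:
    """Create a user, attempt a role change via the given handler, return True if the flag leaks."""
    store: UserStore = {}
    create_user(store, "iMazik", PROFILE)
    update_handler(store, "iMazik", {"role": "admin"})
    return "flag" in get_flag(store, "iMazik")


if __name__ == "__main__":
    print("vulnerable handler leaks flag:", demo(update_user_vulnerable))  # True
    print("hardened handler leaks flag:  ", demo(update_user_hardened))    # False
```

The fix is the allow-list: privileged attributes such as role are never read from the request body, so the only way to become admin is through a server-side path that the update endpoint does not expose. Returning an explicit "rejected_fields" error, rather than quietly ignoring the key, also makes attempts to set role visible in application logs.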

Now I was again all excited to try accessing the flag from the flag endpoint, and this time my excitement landed upon the flag and rewarded me 200 points.

The flag was displayed on the /flag/{username} endpoint.

Flag

So that's how I solved this SuperFastAPI challenge.

Kind regards, hope you enjoyed this write-up <'3.
