bugdb_v1

testert1ng · testert1ng · commit 817aa953fcb3 · 2019-07-03T20:57:54.000+10:00
diff --git a/README.md b/README.md
@@ -6,25 +6,26 @@
 
 ## 0x01 CTF
 
-| Difficulty (Points) |	Name                                              | Skills      | Completion |
-| ------------------- | ------------------------------------------------- | ----------- | ---------- |
-| Trivial (1 / flag)  | [A little something to get you started][2]        | Web         | 1 / 1      |
-| Easy (2 / flag)     | [Micro-CMS v1][3]                                 | Web         | 4 / 4      |
-| Moderate (3 / flag) | [Micro-CMS v2][5]                                 | Web         | 3 / 3      |
-| Hard (9 / flag)     | [Encrypted Pastebin][12]                          | Web, Crypto | 1 / 4      |
-| Moderate (6 / flag) | [Photo Gallery][10]                               | Web         | 3 / 3      |
-| Moderate (5 / flag) | [Cody's First Blog][8]                            | Web         | 3 / 3      |
-| Easy (4 / flag)     | [Postbook][6]                                     | Web         | 7 / 7      |
-| Moderate (0 / flag) | [Ticketastic: Demo Instance][9]                   | Web         | 0 / 0      |
-| Moderate (5 / flag) | [Ticketastic: Live Instance][9]                   | Web         | 2 / 2      |
-| Easy (3 / flag)     | [Petshop Pro][7]                                  | Web         | 3 / 3      |
-| Hard (7 / flag)     | [Model E1337 - Rolling Code Lock][13]             | Web, Math   | 0 / 2      |
-| Moderate (5 / flag) | [TempImage][4]                                    | Web         | 2 / 2      |
-| Easy (2 / flag)     | [H1 Thermostat][11]                               | Android     | 2 / 2      |
-| Expert (13 / flag)  | [Model E1337 v2 - Hardened Rolling Code Lock][14] | Math        | 0 / 1      |
-| Moderate (3 / flag) | [Intentional Exercise][15]                        | Android     | 1 / 1      |
-| Moderate (4 / flag) | [Hello World!][16]                                | Native      | 0 / 1      |
-| Expert (9 / flag)   | [Rend Asunder][17]                                | Native      | 0 / 3      |
+| Difficulty (Points) |	Name                                              | Skills       | Completion |
+| ------------------- | ------------------------------------------------- | ------------ | ---------- |
+| Trivial (1 / flag)  | [A little something to get you started][2]        | Web          | 1 / 1      |
+| Easy (2 / flag)     | [Micro-CMS v1][3]                                 | Web          | 4 / 4      |
+| Moderate (3 / flag) | [Micro-CMS v2][5]                                 | Web          | 3 / 3      |
+| Hard (9 / flag)     | [Encrypted Pastebin][12]                          | Web, Crypto  | 1 / 4      |
+| Moderate (6 / flag) | [Photo Gallery][10]                               | Web          | 3 / 3      |
+| Moderate (5 / flag) | [Cody's First Blog][8]                            | Web          | 3 / 3      |
+| Easy (4 / flag)     | [Postbook][6]                                     | Web          | 7 / 7      |
+| Moderate (0 / flag) | [Ticketastic: Demo Instance][9]                   | Web          | 0 / 0      |
+| Moderate (5 / flag) | [Ticketastic: Live Instance][9]                   | Web          | 2 / 2      |
+| Easy (3 / flag)     | [Petshop Pro][7]                                  | Web          | 3 / 3      |
+| Hard (7 / flag)     | [Model E1337 - Rolling Code Lock][13]             | Web, Math    | 0 / 2      |
+| Moderate (5 / flag) | [TempImage][4]                                    | Web          | 2 / 2      |
+| Easy (2 / flag)     | [H1 Thermostat][11]                               | Android      | 2 / 2      |
+| Expert (13 / flag)  | [Model E1337 v2 - Hardened Rolling Code Lock][14] | Math         | 0 / 1      |
+| Moderate (3 / flag) | [Intentional Exercise][15]                        | Android      | 1 / 1      |
+| Moderate (4 / flag) | [Hello World!][16]                                | Native       | 0 / 1      |
+| Expert (9 / flag)   | [Rend Asunder][17]                                | Native       | 0 / 3      |
+| Easy (2 / flag)     | [BugDB v1][18]                                    | Web, GraphQL | 1 / 1      |
 
 [1]: https://ctf.hacker101.com/ctf
 [2]: ./a_little_something_to_get_you_started
@@ -42,4 +43,5 @@
 [14]: ./model_e1337_v2-hardened_rolling_code_lock
 [15]: ./intentional_exercise
 [16]: ./hello_world
-[17]: ./rend_asunder
+[17]: ./rend_asunder
+[18]: ./bugdb_v1
diff --git a/bugdb_v1/README.md b/bugdb_v1/README.md
@@ -0,0 +1,7 @@
+# BugDB v1
+
+## [Flag0](./flag0) -- Found
+
+- What can you see? What can you not see?
+- What data types are involved?
+- Have you tried querying different endpoints?
diff --git a/bugdb_v1/flag0/README.md b/bugdb_v1/flag0/README.md
@@ -0,0 +1,48 @@
+# BugDB v1 - FLAG0
+
+## 0x00 Overview
+
+Very direct and easy CTF. The purpose is more like taking a tour of Graphql.
+
+## 0x01 FLAG
+
+The left side is the QUERY and the RIGHT side is results.
+
+There is also a very clear structure of data at very right side for reference.
+
+So just make a query to loop through all the details of the data set.
+
+```graphql
+{
+  user {
+    edges {
+      node {
+        id,
+        username,
+        bugs {
+          pageInfo {
+            startCursor
+            endCursor
+          },
+          edges {
+            cursor,
+            node {
+              id,
+              reporterId,
+              text,
+              private,
+              reporter {
+                id
+              }
+            }
+          }
+        }
+      }
+    }
+  }
+}
+```
+
+And here comes the flag.
+
+![](./imgs/flag.jpg)
diff --git a/bugdb_v1/flag0/imgs/flag.jpg b/bugdb_v1/flag0/imgs/flag.jpg
