Add files via upload

Git-Logan · web-flow · commit 83400f9a8012 · 2022-03-04T22:53:30.000-05:00
diff --git a/osint/contributor/README.md b/osint/contributor/README.md
@@ -0,0 +1,20 @@
+# contributor
+
+## Challenge Text
+* Aren’t tech talks great? The JerseyCTF organizing staff is so grateful that our speakers can share their wonderful experiences with our participants. In fact, one of the speakers actually helped us develop https://www.jerseyctf.com/ and http://www.jerseyctf.online/. How cool is that!
+
+## Hint
+* 1.0 × 10^100
+
+## Solution
+* In the https://www.jerseyctf.com/ source code, find the **DRodgers** comment matches with the speaker Donnie Rodgers.
+* Using the **Forgot Password?** feature on http://www.jerseyctf.online, enter **DRodgers** for 3 security questions.
+* Using Google, locate Donnie Rodgers' [LinkedIn](https://www.linkedin.com/in/donnie-rodgers) by searching `Donnie Rodgers PlainDilemma` with the 3 answers being **Bank Heist Security 101**, **Rahway**, and **Arm wrestling**.
+* Flag: `jctf{b3_CAR3fu1_wh@t_yOU_put_on_the_WEB}`
+* Shares website with web/heres-my-password challenge.
+
+* **Important:** Donnie Rodgers is a fictional person. His name and connections to academic institutions and companies are all made up. His face is AI generated and is not a real person. 
+
+## Credit
+* Developed by [Logan](https://github.com/Git-Logan)
+* AI generated face made by https://generated.photos/face-generator/new 
diff --git a/osint/contributor/other/forgot_password.php b/osint/contributor/other/forgot_password.php
@@ -0,0 +1,109 @@
+<?php
+define("USERNAME", "DRodgers");
+define("FLAG", "jctf{b3_CAR3fu1_wh@t_yOU_put_on_the_WEB}");
+$questions = [
+    "q1" => [
+        "q" => "What was your first job's company name?",
+        "a" => "Bank Heist Security 101"
+    ],
+    "q2" => [
+        "q" => "What city was your high school located in?",
+        "a" => "Rahway",
+    ],
+    "q3" => [
+        "q" => "What is your favorite sport?",
+        "a" => "Arm wrestling"
+    ]
+];
+
+function showFirstForm()
+{
+?>
+    <form action="" method="post">
+        <label>Username
+            <input type="text" name="username">
+        </label>
+        <input type="submit" value="Continue" name="submit">
+    </form>
+<?php
+}
+
+function showSecondForm()
+{
+    global $questions;
+?>
+    <h2>Security Questions</h2>
+    <form action="" method="post">
+        <?php
+        foreach ($questions as $question_id => $question) { ?>
+            <label><?php echo $question["q"]; ?>
+                <input type="text" name="<?php echo $question_id; ?>">
+            </label>
+            <br>
+        <?php } ?>
+        <input type="submit" value="Reset Password" name="submit">
+    </form>
+<?php
+}
+
+function scriptAlert($msg)
+{
+?>
+    <script>
+        alert("<?php echo $msg; ?>");
+    </script>
+    <noscript>
+        <p>
+            <?php echo $msg; ?>
+        </p>
+    </noscript>
+<?php
+}
+?>
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Forgot Password</title>
+</head>
+
+<body>
+    <h1>Forgot Password</h1>
+
+    <?php
+    if (isset($_POST["submit"])) {
+        // 1st "public" layer of form
+        if (isset($_POST["username"])) {
+            if ($_POST["username"] === USERNAME) {
+                showSecondForm();
+            } else if ($_POST["username"] === "Wolverine") {
+            	showFirstForm();
+                scriptAlert("Nice try! Find another user.");
+            } else {
+                showFirstForm();
+            }
+        }
+        // 2nd form is "secret", know by checking the form input names
+        else if (count(array_intersect_key($questions, $_POST)) === count($questions)) {
+            $missed_question = null;
+            foreach ($questions as $question_id => $question) {
+                if ($_POST[$question_id] !== $question["a"]) {
+                    $missed_question = $question;
+                    break;
+                }
+            }
+            if ($missed_question === null) {
+                showFirstForm();
+                scriptAlert(FLAG);
+            } else {
+                showSecondForm();
+                scriptAlert("Incorrect Answer(s)");
+            }
+        }
+    } else {
+        showFirstForm();
+    } ?>
+</body>
+
+</html>
diff --git a/osint/contributor/other/headshot.png b/osint/contributor/other/headshot.png
diff --git a/osint/contributor/other/index.php b/osint/contributor/other/index.php
@@ -0,0 +1,42 @@
+<?php
+define("USERNAME", "Wolverine");
+define("PASSWORD", "lightswitchon_and_offLOL26");
+define("FLAG", "jctf{c0NGR@T2_y0U_p@22wORd_SPR@y3D!}");
+?>
+<!DOCTYPE html>
+<html lang="en">
+
+<head>
+    <meta charset="UTF-8">
+    <title>Login</title>
+</head>
+
+<body>
+    <h1>Login</h1>
+    <form action="" method="post">
+        <label>Username
+            <input type="text" name="username">
+        </label>
+        <br>
+        <label>Password
+            <input type="password" name="password">
+        </label>
+        <br>
+        <input type="submit" value="Login" name="submit">
+    </form>
+    <a href="forgot_password.php">Forgot Password?</a>
+    <?php
+    if (isset($_POST["submit"])) {
+        if ($_POST["username"] === USERNAME && $_POST["password"] === PASSWORD) { ?>
+            <script>
+                alert("<?php echo FLAG ?>");
+            </script>
+        <?php } else { ?>
+            <script>
+                alert("Invalid login");
+            </script>
+    <?php }
+    } ?>
+</body>
+
+</html>
