graneed https://blog.hatena.ne.jp/graneed/ こんとろーるしーこんとろーるぶい https://graneed.hatenablog.com/ CTF 問題文 Don't you love undocumented APIs http://web.chal.csaw.io:9000/ writeup HTMLソースを確認する。 <h1>Welcome to our SINGLE SIGN ON PAGE WITH FULL OAUTH2.0!</h1> <a href="/protected">.</a> <!-- Wish we had an automatic GET route for /authorize... well they'll just have to POST from their own clients I guess … 190 <iframe src="https://hatenablog-parts.com/embed?url=https%3A%2F%2Fgraneed.hatenablog.com%2Fentry%2F2018%2F09%2F17%2F091053" title="CSAW CTF Quals 2018 - sso - こんとろーるしーこんとろーるぶい" class="embed-card embed-blogcard" scrolling="no" frameborder="0" style="display: block; width: 100%; height: 190px; max-width: 500px; margin: 10px 0px;"></iframe> https://cdn-ak.f.st-hatena.com/images/fotolife/g/graneed/20180917/20180917021551.png Hatena Blog https://hatena.blog 2018-09-17 09:10:53 rich https://graneed.hatenablog.com/entry/2018/09/17/091053 1.0 100%