Taking down Turbo Tactical 2024! LET THE CHASE BEGIN.
START HERE
Alright everyone so I found a pretty nice vulnerability in their authentication controls. Captured this bad boy and was able to easily crack the password.
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsIm5vbmNlIjoiIn0.eyJpc3MiOiJ0dXJib3RhY3RpY2FsLm5ldCIsImV4cCI6IjE0NTA2NTkxMDIiLCJ1cG4iOiJjZm9kZXJhIiwiZnVsbF9uYW1lIjoiQ2xhaXIgRm9kZXJhIiwidXNlcm5hbWUiOiJDRm9kZXJhOTEiLCJwaG9uZV9udW1iZXIiOiIiLCJqdGkiOiJmdGlkMjM0MmEtMzI0M2QtMjM0My1kMzR5OHlnZmZlIiwic3R1ZmYiOjExMjIyLCJncm91cHMiOlsibG93X2FkbWluIiwicmVtb3RlX3VzZXIiLCJsYWJ0ZWNoIl0sIm9yZyI6IlR1cmJvVGFjdGljYWwiLCJzdWJfb3JnIjoiR3JvdXBfRCIsIm5idCI6NTc1NDczNzU0ODI5NTI3NTAwMDAsImxkZV9zIjpbeyJhc3RhdHVzIjoibnVsbCIsImJzdGF0dXMiOiJudWxsIiwiY3N0YXR1cyI6InZhbGlkIiwiZHN0YXR1cyI6Im51bGwifV19.kQKRFPLj_SqVeEiBjfKi7FKOEVoV71JgdFRxDTjp7TQ
I dont get it? Whats the deal with this? Web isn’t my strong suit 
Oh come on Deephax! You just need to modify the data and resign it. Account impersonation is easy.
Yeah what sunstalker said! It only took a default Kali list to crack it. The prize=the cracked password.
Please be subtle with any attacks on Turbo Tactical this year… They’ve been a thorn in our side for the last several years, mostly because some of our younger hackers underestimate them.
The old man always has something to say. FINE…Lillith I got the infrastructure up so we can leverage your vulnerability now. Should be able to capture some admin creds here shortly.
If thats the case we can start using some encryption. I will set that up and leave a resource open for everyone.
Follow up…for your accomodations Lillith, think we got you a sweet spot to hide. Just remember South is first, West is second, North is third, and East is fourth. Zero in with the source.
Hey thanks! I wrote down my travel arrangements on a piece of paper. The times are estimated though because the travel time keeps slightly changing -_- anyone else write like Unix time? 