Hsctf 2021
c-brother-1
Solved By : thewhiteh4t
- The challenge mentions a user like
AC01010andJC01010in the HSCTF discord server - Finding the user was easy :
- In discord users can add some links of their social media for other people to see, here I found the YouTube channel of
BC01010:
- There are no videos in the channel so we cannot see the watermark directly
- At first we thought that we can get it by using the YouTube API but it only offers to set or remove a watermark from our own profile
- So I searched for channels which use watermark in their videos and landed on
Motherboard
- Motherboard uses a
subscribeimage as their watermark, next I checked the files loaded in YouTube to check if this image was also loaded :
- Now we have the URL through which the watermark is being loaded :
https://i.ytimg.com/an/B6PV0cvJpzlcXRG7nz6PpQ/featured_channel.jpg
- We know that each channel as a random alphanumeric ID so I compared this URL with the channel page URL :
Channel : https://www.youtube.com/channel/UCB6PV0cvJpzlcXRG7nz6PpQ
Watermark : https://i.ytimg.com/an/B6PV0cvJpzlcXRG7nz6PpQ/featured_channel.jpg
- If you noticed, in the watermark URL the ID is missing two characters from the start i.e.
UC - Following the pattern I tried to input the channel ID of
BC01010without the first two characters and got the watermark!
Channel : https://www.youtube.com/channel/UCqZq81jZcdjAHQJ3UtAbdaA
Watermark : https://i.ytimg.com/an/qZq81jZcdjAHQJ3UtAbdaA/featured_channel.jpg
