
Objective #2: Directory Browsing

Problem

Who submitted (First Last) the rejected talk titled Data Loss for Rainbow Teams: A Path in the Darkness? Please analyze the CFP site to find out (https://cfp.kringlecastle.com/). For hints on achieving this objective, please visit Minty Candycane and help her with the Name Game terminal challenge.

Hints

After completing The Name Game challenge, Minty Candycane provides the following hint:

Thank you so much for your help! I've gotten Mr. Chan his name tag. I'd love to repay the favor.

Have you ever visited a website and seen a listing of files - like you're browsing a directory? Sometimes this is enabled on web servers.

This is generally unwanted behavior. You can find sleighloads of examples by searching the web for index.of.

On a website, it's sometimes as simple as removing characters from the end of a URL.

What a silly misconfiguration for leaking information!

Minty provides another hint:

On a website, finding browsable directories is sometimes as simple as removing characters from the end of a URL.

Minty also provides a link to a webpage on Website Directory Browsing: https://portswigger.net/kb/issues/00600100_directory-listing

Solution

Browse to the URL provided. The Apply Now link on this page takes us to https://cfp.kringlecastle.com/cfp/cfp.html.


Remove cfp.html from the end of the URL, leaving https://cfp.kringlecastle.com/cfp/. Because automatic directory indexing is enabled on the web server, the response is a directory listing rather than an error page, and the listing includes a file named rejected-talks.csv alongside cfp.html.


Inside the CSV file, each row represents a rejected talk; columns 7 and 8 hold the submitter's first and last name, and column 9 holds the talk's title. Use Ctrl+F in the browser to search the text for "Data Loss for Rainbow Teams: A Path in the Darkness"; the matching row gives the answer: John McClane.
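The two steps above (spotting that a URL returns an auto-generated directory index, then pulling the answer out of the exposed CSV) can be scripted instead of done by hand in the browser. The following is an added example, not code from the original writeup or from the Holiday Hack Challenge; the index HTML and the CSV rows are constructed samples that only mimic the layout the writeup describes (an Apache-style "Index of" page, and a CSV with the name in columns 7 and 8 and the title in column 9). The real file's header row and first six columns are not known here and are placeholders.

```python
import csv
import io
from html.parser import HTMLParser

# Constructed sample of an Apache-style directory index, modeled on the
# listing served at https://cfp.kringlecastle.com/cfp/ as described above.
# The real page's exact markup is not reproduced; this is an assumption.
SAMPLE_INDEX_HTML = """<html><head><title>Index of /cfp</title></head><body>
<h1>Index of /cfp</h1>
<pre><a href="?C=N;O=D">Name</a> <a href="?C=M;O=A">Last modified</a>
<hr><a href="/">Parent Directory</a>
<a href="cfp.html">cfp.html</a>
<a href="rejected-talks.csv">rejected-talks.csv</a>
<hr></pre></body></html>"""


def looks_like_directory_listing(html):
    """Cheap heuristic scanners use: an auto-generated index carries an
    'Index of /...' title and heading. Not authoritative, but a strong tell."""
    return "Index of /" in html


class IndexLinkParser(HTMLParser):
    """Collect file links from a directory index, dropping the sort-order
    links ('?C=N;O=D'), the parent-directory link and any subdirectories."""

    def __init__(self):
        super().__init__()
        self.links = []

    def handle_starttag(self, tag, attrs):
        if tag != "a":
            return
        href = dict(attrs).get("href")
        if href and not href.startswith(("?", "/")) and not href.endswith("/"):
            self.links.append(href)


def listed_files(html):
    """Return the file names exposed by a directory index page."""
    parser = IndexLinkParser()
    parser.feed(html)
    return parser.links


# Constructed sample rows in the column layout the writeup describes:
# columns 7 and 8 are first and last name, column 9 is the talk title.
# The header and the first six columns are placeholders (assumption); the
# third row has a comma inside its title to show why a real CSV parser is
# used rather than str.split(",").
SAMPLE_CSV = """id,status,track,room,day,time,first,last,title
1,rejected,blue,A,1,09:00,Holly,Evergreen,Blinky Light Forensics
2,rejected,red,B,2,10:30,John,McClane,"Data Loss for Rainbow Teams: A Path in the Darkness"
3,rejected,purple,C,2,11:00,Shinny,Upatree,"Snowball, Fight!: Commas in Titles"
"""


def find_submitter(csv_text, title):
    """Return (first, last) for the row whose title (column 9) matches exactly,
    or None. A header row, if present, simply never matches."""
    for row in csv.reader(io.StringIO(csv_text)):
        if len(row) >= 9 and row[8].strip() == title:
            return row[6].strip(), row[7].strip()
    return None


if __name__ == "__main__":
    if looks_like_directory_listing(SAMPLE_INDEX_HTML):
        print("Directory listing detected; files:", listed_files(SAMPLE_INDEX_HTML))
    print(find_submitter(SAMPLE_CSV, "Data Loss for Rainbow Teams: A Path in the Darkness"))
```

Against a live target you would fetch the index page and the CSV with an HTTP client and feed the bodies to the same two functions. On the server side the fix for this class of leak is to turn automatic indexes off (Options -Indexes in Apache, autoindex off in nginx) so that a directory URL without an index document returns 403 instead of a file list.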
