dc2021q - threefactooorx web

by kaptain

This was a jeopardy challenge, part of dc2021q. (CTFtime)

This challenge was represented as 3️⃣
Points: 123
Was solved by: 51 teams

You may spawn the server:

On your laptop

Install docker
docker pull archiveooo/pub:threefactooorx (docker-saved download)
docker run -d --name threefactooorx archiveooo/pub:threefactooorx
Local IP: docker inspect threefactooorx -f '{{ .NetworkSettings.Networks.bridge.IPAddress }}'
Connect to that IP:4017 — Remember to docker rm -f when done.

On your laptop (full source)

Install docker and pip install PyYAML coloredlogs
git clone https://github.com/o-o-overflow/dc2021q-threefactooorx-public
cd threefactooorx
./spawner --log-level=INFO
Connect to the ip:port displayed

Hosted by OOO

Right now we're asking players to login first.

Description

This is the end of phishing. The Order of the Overflow is introducing the ultimate authentication factor, the most important one, the final one. To help the web transition to this new era of security, we are introducing a 3FA tool for testing your webpages completely isolated on our admin's browser.

WEB CHAL!!1!!!1

line_weight 3factooorx.crx

Hints

None yet :(
If you wish, you can contribute some.

Source

Spoilers ahead! Code for this challenge is publicly available.