Put all adventofctf files in a directory of that years edition

content/posts/adventofctf/2020/challenge_0.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 0 - AdventOfCTF"
 date = 2020-12-02T17:20:28+01:00
 description = "A writeup for challenge 0 of AdventOfCTF."
-cover = "img/adventofctf/f90b2bf3f08ee628c09505ff309018ed.png"
+cover = "img/adventofctf/2020/f90b2bf3f08ee628c09505ff309018ed.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_1.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 1 - AdventOfCTF"
 date = 2020-12-02T17:27:25+01:00
 description = "A writeup for challenge 1 of AdventOfCTF."
-cover = "img/adventofctf/3f12301d8715a1371d2d776d25ea6ab6.png"
+cover = "img/adventofctf/2020/3f12301d8715a1371d2d776d25ea6ab6.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_10.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 10 - AdventOfCTF"
 date = 2020-12-11T22:12:42+01:00
 description = "A writeup for challenge 10 of AdventOfCTF."
-cover = "img/adventofctf/ba15475608ea3f8313825eec5dceac06.png"
+cover = "img/adventofctf/2020/ba15475608ea3f8313825eec5dceac06.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_11.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 11 - AdventOfCTF"
 date = 2020-12-11T23:45:32+01:00
 description = "A writeup for challenge 11 of AdventOfCTF."
-cover = "img/adventofctf/3542630bd0bb5141d94e4b40930bd69d.png"
+cover = "img/adventofctf/2020/3542630bd0bb5141d94e4b40930bd69d.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_12.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 12 - AdventOfCTF"
 date = 2020-12-14T15:55:21+01:00
 description = "A writeup for challenge 12 of AdventOfCTF."
-cover = "img/adventofctf/af3424cd215a6459494ae07eab33cb35.png"
+cover = "img/adventofctf/2020/af3424cd215a6459494ae07eab33cb35.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_13.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 13 - AdventOfCTF"
 date = 2020-12-14T18:48:28+01:00
 description = "A writeup for challenge 13 of AdventOfCTF."
-cover = "img/adventofctf/24e9ce8f146f70b4189f1d2532a75208.png"
+cover = "img/adventofctf/2020/24e9ce8f146f70b4189f1d2532a75208.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_14.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 14 - AdventOfCTF"
 date = 2020-12-14T19:45:51+01:00
 description = "A writeup for challenge 14 of AdventOfCTF."
-cover = "img/adventofctf/dd04640480d764ab09eea047cde749cd.png"
+cover = "img/adventofctf/2020/dd04640480d764ab09eea047cde749cd.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_15.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 15 - AdventOfCTF"
 date = 2020-12-31T22:34:24+01:00
 description = "A writeup for challenge 15 of AdventOfCTF."
-cover = "img/adventofctf/9c6afd807a15973b962cf3aee3dbe836.png"
+cover = "img/adventofctf/2020/9c6afd807a15973b962cf3aee3dbe836.png"
 tags = [
     "AdventOfCTF",
     "challenge",
@@ -58,7 +58,7 @@ Besides this code, we also get an input field for the contents of the `flag` par
 
 When scanning this code, we see that `$flag` is compared to our input. It firstly does a `strcmp`, and, if it is not `0`, it checks if the `sha1` hashes of both variables are equal.
 
-The thing with PHP and `strcmp` is that PHP will do some type juggling before checking the values. You can read more about PHP type juggling in the [writeup of yesterday's challenge]({{% ref "posts/adventofctf/challenge_14.md" %}}#type-juggling).
+The thing with PHP and `strcmp` is that PHP will do some type juggling before checking the values. You can read more about PHP type juggling in the [writeup of yesterday's challenge]({{% ref "posts/adventofctf/2020/challenge_14.md" %}}#type-juggling).
 
 ## Exploit
 

content/posts/adventofctf/2020/challenge_16.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 16 - AdventOfCTF"
 date = 2021-01-01T01:44:45+01:00
 description = "A writeup for challenge 16 of AdventOfCTF."
-cover = "img/adventofctf/246397ca184f8b03ac8fecf50ee1051e.png"
+cover = "img/adventofctf/2020/246397ca184f8b03ac8fecf50ee1051e.png"
 tags = [
     "AdventOfCTF",
     "challenge",
@@ -56,7 +56,7 @@ SSTI occurs when an attacker is able to use native template syntax to inject a m
 
 An easy way to check for SSTI is by using the following graph from PortSwigger:
 
-{{< figure src="/img/adventofctf/16/ssti_graph.png" title="SSTI Graph (by PortSwigger)" >}}
+{{< figure src="/img/adventofctf/2020/16/ssti_graph.png" title="SSTI Graph (by PortSwigger)" >}}
 
 So I followed this graph and got the following results:
 

content/posts/adventofctf/2020/challenge_17.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 17 - AdventOfCTF"
 date = 2021-01-06T22:51:23+01:00
 description = "A writeup for challenge 17 of AdventOfCTF."
-cover = "img/adventofctf/8717d728f2de96beb8123c0cca28a728.png"
+cover = "img/adventofctf/2020/8717d728f2de96beb8123c0cca28a728.png"
 tags = [
     "AdventOfCTF",
     "challenge",
@@ -48,13 +48,13 @@ function send() {
 
 ## Finding the vulnerability
 
-The description makes a reference to [yesterday's challenge]({{% ref "posts/adventofctf/challenge_16.md" %}}) so we probably have to use the same concept.
+The description makes a reference to [yesterday's challenge]({{% ref "posts/adventofctf/2020/challenge_16.md" %}}) so we probably have to use the same concept.
 
 Let's verify it by trying the following input: `{{7*7}}`. It returned `49` so we can continue with the next step.
 
 ## Exploit
 
-Just like [yesterday's challenge]({{% ref "posts/adventofctf/challenge_16.md" %}}), we start by trying to get the config like so: `{{config.items()}}`. Sadly, we get an error message: "You entered an emoji that is on my deny list".
+Just like [yesterday's challenge]({{% ref "posts/adventofctf/2020/challenge_16.md" %}}), we start by trying to get the config like so: `{{config.items()}}`. Sadly, we get an error message: "You entered an emoji that is on my deny list".
 
 ### Blacklist
 
@@ -134,7 +134,7 @@ Here we find an encrypted flag again: `'flag': "C\x1eS\x1dwsef}j\x057i\x7fo{D)'d
 
 ## Decrypting the flag
 
-Just like [yesterday's challenge]({{% ref "posts/adventofctf/challenge_16.md" %}}), the flag is encrypted and we probably have to get the source again to get the key used to encrypt the flag. To get the source we first need arbitrary code execution.
+Just like [yesterday's challenge]({{% ref "posts/adventofctf/2020/challenge_16.md" %}}), the flag is encrypted and we probably have to get the source again to get the key used to encrypt the flag. To get the source we first need arbitrary code execution.
 
 ### Arbitrary Code Execution (ACE)
 
@@ -732,7 +732,7 @@ if __name__ == '__main__':
 
 ## Magic function
 
-Just like [yesterday]({{% ref "posts/adventofctf/challenge_16.md" %}}), we find a magic function. It looks like it's the same just with a different key so let's decrypt it using the new key (`46e505c983433b7c8eefb953d3ffcd196a08bbf9`):
+Just like [yesterday]({{% ref "posts/adventofctf/2020/challenge_16.md" %}}), we find a magic function. It looks like it's the same just with a different key so let's decrypt it using the new key (`46e505c983433b7c8eefb953d3ffcd196a08bbf9`):
 
 ```text
 Python 3.6.9 (default, Nov  7 2019, 10:44:02)

content/posts/adventofctf/2020/challenge_18.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 18 - AdventOfCTF"
 date = 2021-01-06T23:04:52+01:00
 description = "A writeup for challenge 18 of AdventOfCTF."
-cover = "img/adventofctf/be40bcd25e7487440a64b13cd32049b2.png"
+cover = "img/adventofctf/2020/be40bcd25e7487440a64b13cd32049b2.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_19.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 19 - AdventOfCTF"
 date = 2021-02-25T23:18:28+01:00
 description = "A writeup for challenge 19 of AdventOfCTF."
-cover = "img/adventofctf/d80f13d1ab714f7864c2a9ef56c5f767.png"
+cover = "img/adventofctf/2020/d80f13d1ab714f7864c2a9ef56c5f767.png"
 tags = [
     "AdventOfCTF",
     "challenge",
@@ -58,7 +58,7 @@ function send() {
 
 As the description tells us it's a calculator, let's try entering `3+4` in the input field. It will make a `POST` request to `/calc`, which will return `7`.
 
-The description also states it was possible to enter javascript code, which we saw in the [previous challenge]({{% ref "posts/adventofctf/challenge_18.md" %}}), but that it has been fixed now.
+The description also states it was possible to enter javascript code, which we saw in the [previous challenge]({{% ref "posts/adventofctf/2020/challenge_18.md" %}}), but that it has been fixed now.
 
 ## Finding the vulnerability
 

content/posts/adventofctf/2020/challenge_2.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 2 - AdventOfCTF"
 date = 2020-12-02T17:30:25+01:00
 description = "A writeup for challenge 2 of AdventOfCTF."
-cover = "img/adventofctf/948b1eb046c96865a05808660ee99e10.png"
+cover = "img/adventofctf/2020/948b1eb046c96865a05808660ee99e10.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_20.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 20 - AdventOfCTF"
 date = 2021-02-26T00:11:35+01:00
 description = "A writeup for challenge 20 of AdventOfCTF."
-cover = "img/adventofctf/c1f93b6ee2e1cd25ea02f9a78c364b12.png"
+cover = "img/adventofctf/2020/c1f93b6ee2e1cd25ea02f9a78c364b12.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_21.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 21 - AdventOfCTF"
 date = 2021-02-26T11:45:53+01:00
 description = "A writeup for challenge 21 of AdventOfCTF."
-cover = "img/adventofctf/a4afd1fffb0b662d849a6907767f0625.png"
+cover = "img/adventofctf/2020/a4afd1fffb0b662d849a6907767f0625.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_22.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 22 - AdventOfCTF"
 date = 2021-03-04T01:24:34+01:00
 description = "A writeup for challenge 22 of AdventOfCTF."
-cover = "img/adventofctf/6c0810c1568645bcf58da67a1db6e3e7.png"
+cover = "img/adventofctf/2020/6c0810c1568645bcf58da67a1db6e3e7.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_23.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 23 - AdventOfCTF"
 date = 2021-03-16T20:52:38+01:00
 description = "A writeup for challenge 23 of AdventOfCTF."
-cover = "img/adventofctf/497784f7a3314f8aa5b8464432e30bbe.png"
+cover = "img/adventofctf/2020/497784f7a3314f8aa5b8464432e30bbe.png"
 tags = [
     "AdventOfCTF",
     "challenge",
@@ -58,7 +58,7 @@ $(function () {
 
 From the JavaScript code we can see that the chat uses WebSockets. To take a deeper look at it, let's switch over to the network tab in Chrome and click on the request with the type "websocket".
 
-{{< figure src="/img/adventofctf/23/websocket.png" title="Websocket in Chrome DevTools" >}}
+{{< figure src="/img/adventofctf/2020/23/websocket.png" title="Websocket in Chrome DevTools" >}}
 
 If we click on it, a tab with the messages sent on the websocket will open. We can see some numbers here, these are just heartbeat packets to keep the connection alive. Now, let's send a new message and have a look at what it actually sends/receives.
 
@@ -75,7 +75,7 @@ We can see the message contains two parts; the event name and the message itself
 
 In Chrome (to my knowledge) we can't easily send a message on a websocket. We could use Burp Suit to do it but for this writeup I'll stick with Chrome. To send a message on the websocket, we need the `socket` variable from the javascript code. To get it, go to the `Sources` tab and click on `(index)`. Now click on line number 28 to add a breakpoint there. We choose this place as it will trigger a breakpoint just before a message gets sent and we thus have access to the socket variable.
 
-{{< figure src="/img/adventofctf/23/breakpoint.png" title="Javascipt breakpoint in Chrome" >}}
+{{< figure src="/img/adventofctf/2020/23/breakpoint.png" title="Javascipt breakpoint in Chrome" >}}
 
 Now if we try to send a message, chrome will pause the page. The console will now also have the scope of the piece of code at the breakpoint. This means that if we enter `socket` in the console, will get the socket object back:
 

content/posts/adventofctf/2020/challenge_24.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 24 - AdventOfCTF"
 date = 2021-09-22T12:12:12+01:00
 description = "A writeup for challenge 24 of AdventOfCTF."
-cover = "img/adventofctf/b915cb528c4b3d6fc4644f73ba8b829d.png"
+cover = "img/adventofctf/2020/b915cb528c4b3d6fc4644f73ba8b829d.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_3.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 3 - AdventOfCTF"
 date = 2020-12-03T09:29:12+01:00
 description = "A writeup for challenge 3 of AdventOfCTF."
-cover = "img/adventofctf/4f5cc0afbb9e7ec6a57cdd68a92b9213.png"
+cover = "img/adventofctf/2020/4f5cc0afbb9e7ec6a57cdd68a92b9213.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_4.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 4 - AdventOfCTF"
 date = 2020-12-04T09:58:46+01:00
 description = "A writeup for challenge 4 of AdventOfCTF."
-cover = "img/adventofctf/f1d6ca5572e0c012239bcf4a8f797be1.png"
+cover = "img/adventofctf/2020/f1d6ca5572e0c012239bcf4a8f797be1.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_5.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 5 - AdventOfCTF"
 date = 2020-12-05T08:57:31+01:00
 description = "A writeup for challenge 5 of AdventOfCTF."
-cover = "img/adventofctf/080b5d5fcaf13167d2e7e8871fdc8ded.png"
+cover = "img/adventofctf/2020/080b5d5fcaf13167d2e7e8871fdc8ded.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_6.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 6 - AdventOfCTF"
 date = 2020-12-06T15:24:45+01:00
 description = "A writeup for challenge 6 of AdventOfCTF."
-cover = "img/adventofctf/c366d63edd4a35c9f8bea89e57401fef.png"
+cover = "img/adventofctf/2020/c366d63edd4a35c9f8bea89e57401fef.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_7.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 7 - AdventOfCTF"
 date = 2020-12-07T16:43:23+01:00
 description = "A writeup for challenge 7 of AdventOfCTF."
-cover = "img/adventofctf/9fac6046540f4972c60f458b94aacb1d.png"
+cover = "img/adventofctf/2020/9fac6046540f4972c60f458b94aacb1d.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_8.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 8 - AdventOfCTF"
 date = 2020-12-08T09:34:24+01:00
 description = "A writeup for challenge 8 of AdventOfCTF."
-cover = "img/adventofctf/da781419d6bf02d0a580e48414b9cbde.png"
+cover = "img/adventofctf/2020/da781419d6bf02d0a580e48414b9cbde.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/challenge_9.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Challenge 9 - AdventOfCTF"
 date = 2020-12-11T21:24:52+01:00
 description = "A writeup for challenge 9 of AdventOfCTF."
-cover = "img/adventofctf/973ded4b2381c28af6c24d3d670303c6.png"
+cover = "img/adventofctf/2020/973ded4b2381c28af6c24d3d670303c6.png"
 tags = [
     "AdventOfCTF",
     "challenge",

content/posts/adventofctf/2020/intro.md

@@ -3,7 +3,7 @@ author = "Maik de Kruif"
 title = "Intro to AdventOfCTF"
 date = 2020-12-02T17:10:12+01:00
 description = "Challenge 0 of AdventOfCTF."
-cover = "img/adventofctf/advent_of_ctf_coming_soon.png"
+cover = "img/adventofctf/2020/advent_of_ctf_coming_soon.png"
 tags = [
     "AdventOfCTF",
     "challenge",