Monday, November 21, 2016

RC3 CTF

Unknown
WEB 300 (https://ctf.rc3.club:3100/)
P/s: Sorry if my English is bad.
- This challenge is very cute (because I love dogs so much :) ).

- When I saw this site I thought it was about injection, so I changed the value and viewed the source.
- You can see the value cat (the site is about dogs but uses cat :( ) => it's about cmd injection.
- I used "|" and ls but it was not right. Sad for 5 minutes.
- But I didn't give up; I tried hard to find the vulnerability.
- I tested the value 'bork=TheBorkFiles.txt bork[a..s]'
- "Borks is a dictionary" oh => it checks the value in [], I think.

- It's time for code :)
- And voilà, I got the code of the website.
- The flag is in bork.txt. It's not to use ../, but I didn't believe it, so I changed '$data' in my code.
- And it returned the flag for me after many hours of trying hard :v (but I got the flag when the game had ended :v)
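
For the defensive side of this challenge, here is an added example (not the challenge's source and not the author's script) of a file-serving handler that holds up against the inputs tried above: the `|` suffix, the array-style `bork[...]` parameter, and `../`. The function name `read_bork`, the allowlist and the directory layout are assumptions made for illustration.

```python
import os
import tempfile

# Hypothetical allowlist: the only file name the write-up shows being requested.
ALLOWED = {"TheBorkFiles.txt"}

def read_bork(base_dir, bork):
    """Return the contents of an allowlisted file under base_dir.

    Raises ValueError for anything else. No shell and no `cat` are involved,
    so a metacharacter such as "|" is just part of a rejected name.
    """
    # A query like bork[a]=s arrives as a dict/list in many frameworks
    # (an array in PHP); accept a plain string only.
    if not isinstance(bork, str):
        raise ValueError("bork must be a single string value")
    # Allowlist instead of filtering "../": nothing outside the set is served.
    if bork not in ALLOWED:
        raise ValueError("file not allowed")
    # Defence in depth: resolve symlinks and confirm the target stays in base_dir.
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, bork))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path escapes base directory")
    with open(target, "r", encoding="utf-8") as fh:
        return fh.read()

def demo():
    """Run constructed requests against a throwaway directory; return outcomes."""
    results = {}
    with tempfile.TemporaryDirectory() as root:
        pub = os.path.join(root, "public")
        os.mkdir(pub)
        with open(os.path.join(pub, "TheBorkFiles.txt"), "w") as fh:
            fh.write("woof\n")
        with open(os.path.join(root, "bork.txt"), "w") as fh:
            fh.write("CONSTRUCTED-SECRET\n")  # constructed stand-in for the flag file
        # Constructed inputs covering the cases the write-up mentions.
        cases = ["TheBorkFiles.txt", "../bork.txt", "TheBorkFiles.txt|ls", {"a": "s"}]
        for case in cases:
            try:
                results[repr(case)] = read_bork(pub, case)
            except ValueError as exc:
                results[repr(case)] = "rejected: " + str(exc)
    return results

if __name__ == "__main__":
    for name, outcome in demo().items():
        print(name, "->", outcome.strip())
```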

       

Monday, October 10, 2016

HitCon ctf

Unknown


Challenge Are You Rich? No, I'm poor :) (http://52.197.140.254/are_you_rich/)
- This challenge is about SQL injection.

- So I used Time-Based to get the flag.
- First we need to know the name of the table (it's flag1).
- And then we just get the flag (I guessed the name of the column is flag).
- So this is my code to do this, but sometimes some words of the flag are returned wrong, so I print the time to check it :)



Tuesday, September 20, 2016

Write up IceCtf

Unknown
Web - Miners (65): http://miners.vuln.icec.tf/

- Hint: No user in database.
=> I used COUNT to bypass the if condition.
- Login failed :( Maybe the table has more than two columns.
- So I used null for the columns whose names I don't know.
- Oh! Login :)

Crypto - Over Hill (65):
- This challenge would be hard if I didn't use a tool, but I found a tool that helped me decrypt it :)

Crypto - RSA (60)
- Source code
- Total :)