Thứ Sáu, 8 tháng 5, 2020

[Securinets] Writeup jeopardy !

Hi guys.
Corona Virus aka Covid-19 has spreaded all over the world , we much #stayhome to protect our shelves . So , I have very much time to learning and training my hacking skill . This month ,with my team, I has participated in Securinets ctf competition . Very interesing , it has many , many things to discuss . Here is the result .








This picture had been took for 1 day before this competition ended . Thank to my excellent teammates!

So , I write this WU to note and explain all the challenge I solved . Let's go !

+Web Exploitation :

1. Welcome to Web

This is warm-up challenge . Nothing to say ! Just view the source and get 100 points!




 2. Peehpee <3



This is a basic PHP challenge . the only function that we must bypass is  preg_replace() . Folow the code , we must input the value of naruto in order to $in variable and $secret completely identical as the present of the strict comparison (===) . So I input this value for testing 


naruto=I_want_to_become_a_hockage




fail ! Because I dont care about the preg_replace function . The mission of this function is turn "I_want_to_become_a_hockage" into space . Simply, I try to inject "I_want_to_become_a_hockage" into "I_want_to_become_a_hockage" and submit the payload
I_want_to_becI_want_to_become_a_hockageome_a_hockage
Bingo , the flag comes up . 


3 . Peehpee W3ak
 Another Php challenge !



This type of challenge is very familiar . Googling can help you understand it fluently . So, we must input value of kahla and securinets in order to bypass the strict comparion condition. Of course you can't satisfy this in the right way . Logically, if a not equal b , then sha1(a) and sha1(b) cannot match. We should make each type of argument in the expression
sha1($a)===sha1($b)
become false .
Let's check payload 
kahla[]=123&securinets[]=fdf 
So we have False = False and retrive the flag! 



Continue ..

 Happy Hacking!








Phổ Biến

Follow by Email