Corona Virus aka Covid-19 has spreaded all over the world , we much #stayhome to protect our shelves . So , I have very much time to learning and training my hacking skill . This month ,with my team, I has participated in Securinets ctf competition . Very interesing , it has many , many things to discuss . Here is the result .
This picture had been took for 1 day before this competition ended . Thank to my excellent teammates!
So , I write this WU to note and explain all the challenge I solved . Let's go !
+Web Exploitation :
1. Welcome to Web
This is warm-up challenge . Nothing to say ! Just view the source and get 100 points!
2. Peehpee <3
This is a basic PHP challenge . the only function that we must bypass is preg_replace() . Folow the code , we must input the value of naruto in order to $in variable and $secret completely identical as the present of the strict comparison (===) . So I input this value for testing
naruto=I_want_to_become_a_hockage
fail ! Because I dont care about the preg_replace function . The mission of this function is turn "I_want_to_become_a_hockage" into space . Simply, I try to inject "I_want_to_become_a_hockage" into "I_want_to_become_a_hockage" and submit the payload
I_want_to_becI_want_to_become_a_hockageome_a_hockageBingo , the flag comes up .
Another Php challenge !
This type of challenge is very familiar . Googling can help you understand it fluently . So, we must input value of kahla and securinets in order to bypass the strict comparion condition. Of course you can't satisfy this in the right way . Logically, if a not equal b , then sha1(a) and sha1(b) cannot match. We should make each type of argument in the expression
sha1($a)===sha1($b)become false .
Let's check payload
kahla[]=123&securinets[]=fdfSo we have False = False and retrive the flag!
Happy Hacking!
