PwnDiary

Everything about security

Tag

web

[Kaspersky Industrial CTF 2018] Expression Write-up (Web50)

http://expression.2018.ctf.kaspersky.com/ The website allows us to send two numbers/tokens and an operation among +, -, *, /. Let’s send 1 + 2 to test it.

It calculated to result and give us a token which is clearly base64 encoded…. Continue Reading →

[P.W.N. CTF 2018] H!pster Startup Write-up (Web216)

Our on-campus start-up was hacked. The hacker somehow deleted the only admin user… Can you login to the admin interface and revert it? When we look at the source code, we notice the url of the admin panel.

It… Continue Reading →

[P.W.N. CTF 2018] Login Sec Write-up (Web100)

The university’s department of Secure Login Systems has just launched three prototypes of their research projects. Maybe you can have a look at all three of them: Login 1 Source Source MIRROR Login 2 Source Source MIRROR Login 3 Source… Continue Reading →

[Hack.lu CTF 2018] Baby PHP Write-up (Web153)

PHP is a popular general-purpose scripting language that is especially suited to web development. Fast, flexible and pragmatic, PHP powers everything from your blog to the most popular websites in the world. Can you untangle this mess?! When we visit… Continue Reading →

[noxCTF 2018] MyFileUploader Write-up (Web200)

This is my new file uploader server. I bet you can’t hack it! http://chal.noxale.com:8079 The website allows us to upload files. Let’s create a php shell file, but save it as dummy.txt.

Then, try to upload it.

It… Continue Reading →

[noxCTF 2018] HiddenDOM Write-up (Web670)

I decided to create a tool that searches for hidden elements inside a web pages. Few days ago someone told me that my website is not so /secure/… Can you check it yourself ? http://13.59.2.198:5588 The website says that it… Continue Reading →

Copyright © 2018 PwnDiary