PwnDiary

Everything about security

Tag

web

[SpamAndFlags Teaser CTF 2019] Forumz Write-up (Web252)

Time to take a break from CTFing and browse some forums instead! Forum When we visit the link, we encounter a forum website. Since the registration is closed and we cannot create a new account, I decided to visit the… Continue Reading →

[Kaspersky Industrial CTF 2018] Expression Write-up (Web50)

http://expression.2018.ctf.kaspersky.com/ The website allows us to send two numbers/tokens and an operation among +, -, *, /. Let’s send 1 + 2 to test it.

It calculated the result and gave us a token which is obviously base64 encoded…. Continue Reading →

[P.W.N. CTF 2018] H!pster Startup Write-up (Web216)

Our on-campus start-up was hacked. The hacker somehow deleted the only admin user… Can you login to the admin interface and revert it? When we look at the source code, we notice the url of the admin panel.

It… Continue Reading →

[P.W.N. CTF 2018] Login Sec Write-up (Web100)

The university’s department of Secure Login Systems has just launched three prototypes of their research projects. Maybe you can have a look at all three of them: Login 1 Source Source MIRROR Login 2 Source Source MIRROR Login 3 Source… Continue Reading →

[Hack.lu CTF 2018] Baby PHP Write-up (Web153)

PHP is a popular general-purpose scripting language that is especially suited to web development. Fast, flexible and pragmatic, PHP powers everything from your blog to the most popular websites in the world. Can you untangle this mess?! When we visit… Continue Reading →

[noxCTF 2018] MyFileUploader Write-up (Web200)

This is my new file uploader server. I bet you can’t hack it! http://chal.noxale.com:8079 The website allows us to upload files. Let’s create a php shell file, but save it as dummy.txt.

Then, try to upload it.

It… Continue Reading →

Copyright © 2019 PwnDiary