CTF

Introduction Context Explanation Numberizer is a seemingly simple web-based CTF challenge, where users are required to submit five numbers in an HTML form such that the sum of all the numbers is negative. However, the challenge implements input validation and sanitization mechanisms to prevent trivial solutions like using negative numbers. Our goal is to bypass these controls and successfully achieve the required negative sum to retrieve the flag. Solution Analyzing the Code and Validation Mechanisms The provided PHP source code implements a number of validation checks:...

Introduction This challenge is an OSINT challenge from the PWNME CTF. Background explanation To understand the context of the challenge, look at the description of the introductory challenge. Directive John is French-English but lives in France, and his life is almost entirely available on the internet. Find the city where he lives, the username of his current girlfriend, and the maiden name of his ex. OSINT must remain passive, and any interaction is strongly prohibited....

Introduction This challenge is a WEB challenge from the PWNME 2023 CTF. Context explanation A pro player challenges you in a new game. They have spent a lot of time on it and achieved an extremely high score. Directive Your goal is to beat them by any means necessary. Solution The challenge is a game where you must move a ship to avoid shots and fire at enemies. The player you must beat is Eteck, the challenge creator, who has a score of 1337420....

Introduction One of your friends had an argument with a Flask developer. He tried to handle it on his own, but he ended up hitting a roadblock… Can you put your hacking skills to use and help him out? You should probably be able to access the server hosting your target’s latest project, right? I heard they make a lot of programming mistakes… Solution When we launch the challenge, we arrive at an error page that says:...

Introduction Context Explanation Craphp is a web-based CTF challenge where the user is presented with an interface asking for a password to retrieve a flag. The challenge also provides access to the server’s source code (index.php), which we leveraged to analyze the vulnerabilities and design a strategy for exploitation. The critical insight in solving this challenge lies in understanding and exploiting weaknesses in the use of CRC (Cyclic Redundancy Check) hash algorithms within the authentication logic....

Introduction This challenge is an OSINT challenge from the PWNME CTF. Context explanation To understand the context of the challenge, look at the description of the introduction challenge. Directive John loves adventure and travel. Can you give me the 3 cities he visited during his trip to Europe? Flag format PWNME{city1_city2_city3} Cities in lowercase and in alphabetical order, separated by an “_”. Solution On John Droper’s GitHub, droperkingjohn, on one of his commits, we can see that he removed part of his index....

Introduction This challenge is a WEB challenge from the PWNME CTF. Context Explanation A company needs a website to generate a QR Code. They asked a freelancer to do the job. Since the website went live, they noticed strange behavior on their server. They need you to audit their code and help them fix their problem. Directive The flag is located in /app/flag.txt Solution The web application to test is a blog that allows you to create articles and display them....

Introduction Try to access the content of the admin user’s secret note. Solution The challenge is a blog with authentication. On the homepage, we can see several posts from different users, and in the header, it says A community of 8 authors. By clicking on the name of one user, for example, lolo, who is the author of the first article, we are taken to the user’s profile page. Non-essential note for exploiting the challenge: After launching multiple instances, I realized that the 8 users are always the same: admin, bob, alice, and 5 other random users (lolo, tata, toto, …)....

Introduction Log in to the admin account and retrieve the flag. Prerequisites Completed the challenge Blogodogo #1 The referral token 83d99a0ac225079db31b44a2e58b19f0 to create an account. Solution After successfully completing the previous challenge, Blogodogo #1, we obtain a referral code that allows us to create an account. This allows us to create an account with the credentials test:test. In the challenge sources, there is a directory called /bot which simulates an administrator’s connection and clicks on a link passed as a parameter:...