[Nullcon HackIM CTF Goa 2025][Web] Sess.io

Introduction. Context. Explanation: The Sess.io challenge is an interesting Capture The Flag (CTF) problem that tests knowledge of exploiting pseudo-random number generation (PRNG) weaknesses, seed reversibility, and cryptographic manipulation. The challenge presents a minimalist web page where users can sign up by providing a username and a password. The “magic” happens in the backend, where the user-provided credentials are used to generate a session ID that is tightly coupled with the system’s flag....

February 3, 2025 · 18 min · HitCat

[Nullcon HackIM CTF Goa 2025][Web] Temptation

Introduction. Context. Explanation: The “Temptation” challenge is a web application security exercise focusing on template injection vulnerabilities in Python web applications. Directive: The goal is to retrieve a flag by exploiting vulnerabilities in the web application. Solution. Analyzing source code: First, we need to retrieve the application’s source code. The webpage contains a hidden comment suggesting a look at /?source. <html> <head> <title>Temptation</title> </head> <body> <h1>Temptation challenge</h1> <form action="/" method="POST"> <table> <tr> <th> <label for="temptation">What is your temptation?...

February 3, 2025 · 3 min · HitCat

[Nullcon HackIM CTF Goa 2025][Web] Numberizer

Introduction. Context. Explanation: Numberizer is a seemingly simple web-based CTF challenge, where users are required to submit five numbers in an HTML form such that the sum of all the numbers is negative. However, the challenge implements input validation and sanitization mechanisms to prevent trivial solutions like using negative numbers. Our goal is to bypass these controls and successfully achieve the required negative sum to retrieve the flag. Solution. Analyzing the Code and Validation Mechanisms: The provided PHP source code implements a number of validation checks:...

February 3, 2025 · 5 min · HitCat

[Nullcon HackIM CTF Goa 2025][Web] Craphp

Introduction. Context. Explanation: Craphp is a web-based CTF challenge where the user is presented with an interface asking for a password to retrieve a flag. The challenge also provides access to the server’s source code (index.php), which we leveraged to analyze the vulnerabilities and design a strategy for exploitation. The critical insight in solving this challenge lies in understanding and exploiting weaknesses in the use of CRC (Cyclic Redundancy Check) hash algorithms within the authentication logic....

February 3, 2025 · 6 min · HitCat