[CSAW 2016] I Got Id – Web200

Chall:

Wtf... I literally just setup this website and it's already popped...

http://web.chal.csaw.io:8002/

This challenge is quite interesting, it focuses on perl 5 vulnerable which is presented at blackhat asia 2016. Continue reading

Advertisements

[IceCTF] ImgBlog – Web130

Chall:

I found this amazing blog about Iceland! Did I ever tell you that I love Iceland? It seems to be made from scratch by a single guy although being impressive, he doesn’t seem too have much experience with web programming. Can you see if you can find any vulnerabilites to pwn his machine?

This is nice website, first we have to login to access some function of it.
This chall is about 2 stage: Continue reading

[IceCTF] Geocities – Web100

Chall:

I recently stumbled onto this old http://geocities.vuln.icec.tf/ site, it’s a miracle that it’s still up! It must be running some ancient technology and probably hasn’t been updated in years, it’s our lucky day boys!

Messing around and thinking about the description:

It must be running some ancient technology and probably hasn't been updated in years

So i decided to find popular vulnerable 1-2 years ago and found it. It’s SHELLSHOCK! Continue reading

[Teaser CONFidence CTF 2016] RoflScale – Web 100

Admins connected a debug interface to our Roflscale DB. They didn’t bother to secure it with a password, so we put in a proxy instead.

IP: roflscale.hackable.software:4000

The main idea of this challenge is the misconfig between urlparse python and REQUEST_PATH of sinatra ruby, so if we input the payload which can bypass filter ‘dump’ python and pass to ruby web server, we got the flag.
Continue reading