CTF – Page 3 – WindowsTechs.com

I can’t run CTF challenge(ELF format) on linux to find the flag [closed]

Posted on May 28, 2023 by mahmoud khalifa

I have a problem running the CTF, despite it being based on Linux as demonstrated in the below image.
How do I run the CTF, and find the flag?

Continue reading I can’t run CTF challenge(ELF format) on linux to find the flag [closed]→

I have a CTF challenge for an Android app, How I extract the flag [closed]

Posted on May 28, 2023 by mahmoud khalifa

public native boolean aaa(String str, AssetManager assetManager);

static {
System.loadLibrary("app");
}

/* access modifiers changed from: protected */
public void onCreate(Bundle savedInstanceState) {
super.onCreate(sav… Continue reading I have a CTF challenge for an Android app, How I extract the flag [closed]→

Lfi to rce in PHP [closed]

Posted on April 28, 2023 by webhack31333

I’m currently working on a cyber wargame using LFI to get an RCE. However, there are not many readable files such as log files and environ. What attack should I try to read the flag? In the case of flag, it exists as an executable file wit… Continue reading Lfi to rce in PHP [closed]→

PHP CTF: Vulnerabilities in PHP before 2007?

Posted on April 15, 2023 by Dave

I came across a CTF that i’m trying to solve, the goal is fairly simple: Bypass the authentication form and access the admin-restricted area. You can find the code snippet below.
Things to consider:

The CTF is a simulation and a demonstra… Continue reading PHP CTF: Vulnerabilities in PHP before 2007?→

Anyone can help with this buffer ovewrflow (ctf) question?

Posted on April 12, 2023 by ctf

I am new to bufferoverflow and was told that this code can lead to a buffer overflow.
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <openssl/sha.h>
#include <stdbool.h>
#include <unist… Continue reading Anyone can help with this buffer ovewrflow (ctf) question?→

a CTF problem: how to capture a flag from a php page

Posted on February 23, 2023 by Tokubara

I’m new to CTF and security. I just attend a course about security and CTF. I’m asking one problem in our homework. The teacher just does not give any hints or any materials. I’m confused and don’t know what should I learn. Can you just gi… Continue reading a CTF problem: how to capture a flag from a php page→

Crashing the sha1() function in PHP?

Posted on February 5, 2023 by user5623335

I am working on the following war game from Defend The Web, which requires me to do a source code review to login as the user memtash. The code is on GitLab here.
Here is my methodology:

Reset the password for user memtash which causes me… Continue reading Crashing the sha1() function in PHP?→

How long would this take to bruteforce?

Posted on February 4, 2023 by user5623335

I am working on the following war game from Defend The Web, which requires me to do a source code review to login as the user memtash. The code is on GitLab here.
Having inspected the source code during this code review, I find this line i… Continue reading How long would this take to bruteforce?→

Linux privilege escalation only with append permission

Posted on January 8, 2023 by Lipovlan

During one CTF I’ve encountered an interesting scenario. You have read access to files in one directory through a Flask server, but the names must match a regex to be displayed. You only have append privileges of some user on the machine. … Continue reading Linux privilege escalation only with append permission→

How to zone transfer – (Pentester lab – problem in recon badge – port 53 filtered ) [closed]

Posted on January 2, 2023 by Nissan Apollo

I was trying to solve some recon badge problem from pentesterlab.com
But when I tried to transfer zone (using dig axfr), the website (hackycorp.com, z.hackycorp.com) says connection failed or time out.
And if I scan it with nmap, port 53 i… Continue reading How to zone transfer – (Pentester lab – problem in recon badge – port 53 filtered ) [closed]→