Hello, We will be going through the web challenges in the NCSC CTF challenge There were four challenges in the web category, I didn’t touch the first, which many teams solved; for that I don’t know the idea behind it. The other two got only one solve, and the last one got zero solves. I will be going through the “whysoneat” challenge because I have the source code to discuss, explain my unintended solution, and the intended solution described by the author ...
This is a collection of writeups for the Web challenges of DeadSec CTF 2024. The CTF was held by the DeadSec team. The CTF was held on 28th July 2024. My team scored place 48/619 with 1081 points. Web EzStart Difficulty: Easy I started analyzing the provided source code, there is only one interesting file for us to discuss, the src/upload.php In the code, we can see that we can uploahttps://0x0oz.github.io/ctf-writeups/2024-07-28-deadsec-ctf d any kind of file regarding the written filters because they were pointless (no prevention after the checks). Still, the notable thing is that anything we upload is going to be deleted at the end through unlink(), moreover, if we upload a file with < 10MB size it will be moved from PHP’s uploads tmp folder to accessible /var/www/html/tmp folder then will be removed at the end. ...
Here are the write-ups for the challenges from the NCSC Training 2024 CTF, which took place from July 11th to July 13th, 2024. Writeups Web Robot Challenge Description A Web crawler, sometimes called a robot, is an Internet bot that systematically browses the World Wide Web and that is typically operated by search engines for the purpose of Web indexing. Solution The challenge is a simple robots.txt as the name says, we can see Disallow: /always_read_robots.txt in the robots.txt file. So, we can access the always_read_robots.txt file and get the flag. ...
Writeups for the MetaCTF v5 2024 CTF Web Challenges that was held on 30th June 2024. Python’s Twister Challenge Description Hack our admin. Solution The challenge is a simple flask application that has register/login/pass-reset functionalities. The app generates 10000 random numbers and assigns one to each user when registered as a reset token, the admin has the reset token with index 1499. The flag is stored in an environment variable and is displayed when the admin logs in. ...