DEF CON CTF Qualifier 2014 :: routarded

Posted by and filed under DEF CON CTF Qualifier 2014.

routarded starts you out with a hint in the challenge description that the target webpage is a router with default credentials. After trying a bunch of default router combinations, @jonathansinger found a working combination of <blank>:admin. This pops you into the management site of this fake router, which has a promising diagnostics page. We went…

RuCTF Quals 2014 :: Web 200 :: ES

Posted by and filed under RuCTF Quals 2014.

For this challenge belonging to the 2014 RuCTF Qualifiers, we are provided with a hyperlink that takes us to a simplified web application. The web challenge for 200 points is titled ES, which we soon learn stands for the web application’s…

PHDays 2012 :: PWN 300

Posted by and filed under PHDays 2012.

Pwn300 was a Python Twisted site that served a page with a single form to kill, arrest, or bankrupt the kids of South Park. The organizers provided the source code for the challenge, which included the web service and a compiled Python module. The source to the page tells us that the flag is in…

PoliCTF 2012 :: Grabbag 300

Posted by and filed under PoliCTF 2012.

The challenge in this problem was pretty clearly JavaScript unpacking. There was an image in base64 format in the HTML file given, and thus there was also the possibility of a steganography challenge. Here’s the block we were given:

Hack.LU 2012 :: 23 Spambots

Posted by and filed under Hack.LU 2012.

The trick here was to spot the vulnerability. The script loads HTML from a controlled webpage with @file_get_contents(). It then parses the HTML for forms with a regex to solve a basic math problem, with an unescaped eval(). Finally, the page submits a POST request to the controlled webpage with file_get_contents(). With that information determined from the…