Wednesday 10 January 2018

CTF Challenges | The N3PH4ck Solutions Pt. 2

@___0x00 10 January ctf, writeups

Spoiler Alert at first !!!
#ctfnepal2018 will be live in web , so no talks , go first there and and comeback here !!!

SOLUTION : Password Guesser (50)

A good hacker guesses the password correctly.

http://35.196.16.227/goodguesser/index.php

Visit URL, Login : admin admin

Flag : cynical_flag{you_are_a_good_guesser}

SOLUTION : Color of Internet (100)

Back in college, I created my own encryptor/decryptor application but haven't worked on it for long.

I don't like showing exceptions.

http://35.185.81.16/md5/

abjhbhafbafa = a27790c4516f9580a4de56bd9182e41b

a27790c4516f9580a4de56bd9182e41b = abjhbhafbafa

abjhbhafbafa' = b004fd0b363c072b1724ec400db25002

b004fd0b363c072b1724ec400db25002 = Hash Not Found

Flag: cynical_flag{md5_is_pretty_easy_to_crack}

SOLUTION : Blood Bank (100)

We have even created a simple donation web app to collect donor data.
http://35.185.81.16/blood-bank/

http://35.185.81.16/blood-bank/view.php?id=1

http://35.185.81.16/blood-bank/view.php?id=2

http://35.185.81.16/blood-bank/view.php?id=2%27

This challenges can be exploited in two ways either a SQLI or IDOR

http://35.185.81.16/blood-bank/view.php?id=0

Flag: cynical_flag{Zero_Matters_guy}

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Created By Sora Templates | Distributed By Gooyaabi Templates