Writeup for the Guidepoint 2021 CTF Calc web challenge
Guidepoint Security CTF 2021 - Calc (web) This is a basic OS command injection challenge. The web page for the challenge shows two input boxes for numbers it will then add together for you.
The page submits the two values you pass to it as the x and y GET parameters (http://10.10.100.200:38271/index.php?x=1&y=2) but these parameters are passed to an underlying OS command and are not escaped properly. By adding a ; we can break out of the command context and inject our own commands, we just have to make sure we URL encode any special characters that will otherwise mess up the URL.
Writeups for the Guidepoint 2021 CTF Corona part 1 and 2 web challenges
Guidepoint Security CTF 2021 - Corona (web) Corona 1 The page for this challenge is a limesurvey instance. I’m not very familiar with limesurvey, but from the design it looked like it might be a pretty old version of the application, hinting that there might be a known bug with this application. A quick searchsploit limesurvey showed a bunch of known flaws for older versions, but at this point we were not entirely sure what version was running yet.
Writeup for Confessions challenge of Hack.lu CTF 2020
Confessions Description Someone confessed their dirtiest secret on this new website: https://confessions.flu.xxx Can you find out what it is?
Write-Up After some basic poking around and seeing what the website does we find that pretty much the whole thing is done by javascript calling a GraphQL backend. It seems the /graphql backend allows pretty much arbitrary queries, so let’s see what we can pull out of there.
Using an adapted query from https://github.
Writeup for FluxCloud Serverless challenge of Hack.lu CTF 2020
FluxCloud Serverless Description To host stuff like our website, we developed our own cloud because we do not trust the big evil corporations! Of course we use cutting edge technologies, like serverless. Since we know what we are doing, it is totally unhackable. If you want to try, you can check out the demo and if you can access the secret, you will even get a reward :)
Note: This version of the challenge contains a bypass that has been fixed in FluxCloud Serverless 2.
Writeup for FluxCloud Serverless 2.0 challenge of Hack.lu CTF 2020
FluxCloud Serverless 2.0 Description To host stuff like our website, we developed our own cloud because we do not trust the big evil corporations! Of course we use cutting edge technologies, like serverless. Since we know what we are doing, it is totally unhackable. If you want to try, you can check out the demo and if you can access the secret, you will even get a reward :)
Note: This is the fixed version of FluxCloud Serverless.