SwampCTF 2019

SwampCTF 2019 writeup Brokerboard

Brokerboard

183

It's the year 1997 and the Internet is just heating up! :fire:

In order to get ahead of the curve, SIT Industries® has introduced it's first Internet product: The Link Saver™. SIT Industries® has been very secretive about this product - even going so far to hire Kernel Sanders® to test the security!

However, The Kernel discovered that The Link Saver had a little bit of an SSRF problem that allowed any user to fetch the code for The Link Saver™ from https://localhost/key and host it themselves :grimacing:. Fortunately, with a lil' parse_urlmagic, SIT Industries® PHP wizards have patched this finding from Kernel Sanders® and are keeping the code behind this wonderful site secure!

... or have they? :wink:

chal1.swampctf.com:1244

-= Created by andrewjkerr =-

入力したURLのホスト名がlocalhostだと受け付けないようです。parse_url()関数の脆弱性でホスト名を誤って解釈させることができるようです。次のように入力するとフラグが表示されます。

1

フラグは、
flag{y0u_cANn0t_TRU5t_php}
です。



SwampCTF 2019 writeup Neo

Neo

50

We hacked one of EvilCorps sentries and found something interesting. A single picture, we're not sure what to do with this but we know this sentry was fond of his abilities to hide things in plain site.

-= Challenge by P4PA_0V3RL0RD =-

stringsコマンドでファイル中の文字列を確認します。
$ strings red_pill.jpeg | grep flag
flag{f011ow_th3_wh1t3_rabb17}
フラグは、
flag{f011ow_th3_wh1t3_rabb17}
です。

Linux本格入門(仮)
大竹龍史
SBクリエイティブ
2019-05-30


SwampCTF 2019 writeup Leap of Faith

Leap of Faith

50

“You have to let it all go, Neo. Fear, doubt, and disbelief. Free your mind (and your stego tools).” - Morpheus, probably

-= Challenge by P4PA_0V3RL0RD =-

jpegファイルをバイナリエディタで開いて、FFD8タグを2つ取り除いて保存すると次の画像になります。

aaa

フラグは、
flag{FR33_Y0UR_M1ND}
です。

SwampCTF 2019 writeup Welcome!

Welcome!

10

Welcome to SwampCTF!

The first round is on us🍻 

flag{w3lc0m3_t0_th3_SwAmP}

問題文にフラグが記載されています。
フラグは、
flag{w3lc0m3_t0_th3_SwAmP}
です。



SwampCTF 2019 writeup Last Transmission

Last Transmission

50

Two of our squad leaders got beamed up before they could finish their transmission, but they left a clue behind as to where they were taken.

-= Created by P4PA_0V3RL0RD =-

pngファイルをImageJで開いて、[Image]-[Adjust]-[Color Balance]で調整すると下図のような画像になります。

1

フラグは、
flag{B34M_M3_UP_SC077Y}
です。



記事検索
ギャラリー
  • TetCTF 2023 NewYearBot
  • UUT CTF writeup Find The Password
  • UUT CTF writeup The Puzzle
  • Hack Zone Tunisia 2019 writeup Microscope
  • Hack Zone Tunisia 2019 writeup Welcome
  • SwampCTF 2019 writeup Brokerboard
  • SwampCTF 2019 writeup Leap of Faith
  • SwampCTF 2019 writeup Last Transmission
  • CBM CTF 2019 writeup Long road
カテゴリー