backup: HCTF2018 Warmup Writeup

An easy challenge from HCTF 2018

The original plan was not to provide the source code. Then I was told that if I didn't give the source code, it would be impossible for people to solve it. And there was no easy challenge, so the source code was given.

Okay, the process of solving this Challenge:

First, open the website and look at the page source with F12. A comment hints that there is a source.php. After a simple PHP audit, you can find that the problem is in the following code:

    $_page = urldecode($page);
    $_page = mb_substr(
        $_page,
        0,
        mb_strpos($_page . '?', '?')
    );
    if (in_array($_page, $whitelist)) {
        return true;
    }

The check can be bypassed with %253f, combined with the hint in hint.php that the flag is in ffffllllaaaagggg (Sorry. Seems like I should have said in the challenge description that the flag is in /)…
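Why the check passes, and a stricter form, as an added example that is not the challenge's own source. The whitelist contents, the function names and the sample inputs are assumptions made for illustration.

```php
<?php
// Added example, not the challenge's source. The whitelist contents are assumed
// from the two file names the writeup mentions.
$whitelist = ['source.php', 'hint.php'];

// The check from the writeup: decode, cut at the first '?', compare the prefix.
function checkAsInChallenge(string $page, array $whitelist): bool
{
    $_page = urldecode($page);
    $_page = mb_substr($_page, 0, mb_strpos($_page . '?', '?'));
    return in_array($_page, $whitelist);
}

// Hardened form: no decoding, no truncation. The whole value must equal a
// whitelist entry, and the caller includes the returned entry, never the input.
function resolveStrict(string $page, array $whitelist): ?string
{
    $i = array_search($page, $whitelist, true);
    return $i === false ? null : $whitelist[$i];
}

// Constructed inputs. PHP has already URL-decoded the query string once, so a
// request carrying %253f reaches the script as %3f.
$samples = ['hint.php', 'hint.php%3fconstructed-suffix', 'other.php'];

foreach ($samples as $page) {
    printf(
        "%-32s challenge check: %-5s strict: %s\n",
        $page,
        checkAsInChallenge($page, $whitelist) ? 'pass' : 'fail',
        resolveStrict($page, $whitelist) ?? 'rejected'
    );
}
```

The second sample passes the challenge's check because the second decode turns %3f into '?', so only the prefix before it is compared while the undecoded value is what the rest of the script goes on to use.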

Author: ACce1er4t0r

Posted on: 2022-03-08

Updated on: 2023-04-22