damCTF 2024 Web Writeup
·
🚩 CTF
My team was too good for me to help, but here's a writeup I did on my own for studying purposes. Flower Power # app.py ... @dataclass class Flower: name: str flower_url: str description: str id: str = "-1" database: dict[str, Flower] = dict() def add_flower(flower: Flower): flower.id = generate_id() database[flower.id] = flower return flower add_flower(Flower( "Rose", "https://i0.wp.com/pikespea..
HackfestCTF 2024 Web writeup
·
🚩 CTF
[ University ] We need to access the environment variable. @app.route('/', methods=['GET', 'POST']) def login(): if request.method == 'POST': username = request.form['username'] password = request.form['password'] try: response = requests.get(f"http://localhost:5000/api/users/{username}/auth") response.raise_for_status() conn = connect_db() cursor = conn.cursor() cursor.execute('SELECT * FROM use..
BalsnCTF 2023 Web Writeup
·
🚩 CTF
● Web3 (misc) You can find below code in "/" endpoint. const express = require("express"); const ethers = require("ethers"); const path = require("path"); const app = express(); app.use(express.urlencoded()); app.use(express.json()); app.get("/", function(_req, res) { res.send("Hello") }); function isValidData(data) { if (/^0x[0-9a-fA-F]+$/.test(data)) { return true; } return false; } app.post("..
WaconCTF 2023
·
🚩 CTF/2023
Not finished yet, still writing :) • mosaic from flask import Flask, render_template, request, redirect, url_for, session, g, send_from_directory import mimetypes import requests import imageio import os import sqlite3 import hashlib import re from shutil import copyfile, rmtree import numpy as np app = Flask(__name__) app.secret_key = os.urandom(24) app.config['MAX_CONTENT_LENGTH'] = 16 * 1000 * ..
TFCCTF 2023 web writeup
·
🚩 CTF/2023
[ Mctree ] An admin account already exists. I guessed that I could get the flag if I logged in with the admin account. If you register an id with admin", you can see that you are registered as the admin account. Then, log in with the account that you registered. Here is my payload. ID : admin" PW : a ● Flag TFCCTF{I_l1k3_dr4g0n_tr33s__Yuh!_1ts_my_f4v0r1t3_tr33_f0r_sur3!} [ Ducky note ] It's a web application which has an admin bot. C..
[ zer0pts ] ringtone
·
🚩 CTF/2023
I used others' writeups as a reference. This challenge is about a Chrome extension which is made of JavaScript code. You can check the directory structure below. ./ ├── crawler │ ├── crawler.js │ ├── Dockerfile │ ├── extension │ │ ├── audio.html │ │ ├── background.js │ │ ├── content.js │ │ ├── index.html │ │ ├── manifest.json │ │ ├── ring.mp3 │ │ └── sandbox.js │ ├── package.json │ ..
[ zer0pts 2023 ] Warmuprofile
·
🚩 CTF/2023
This is the easiest challenge in this CTF. There is only one file, "index.js", in this challenge. app.get('/flag', needAuth, (req, res) => { if (req.session.username !== 'admin') { flash(req, 'only admin can read the flag'); return res.redirect('/'); } return res.render('flag', { chall_name: CHALL_NAME, flash: getFlash(req), flag: FLAG }); }); When you enter the "/flag" endpoint with an admin session, y..
[ zer0pts 2023 ] Neko note
·
🚩 CTF/2023
Sadly, I solved only a few challenges in zer0pts CTF :( . Writing this for studying. The more web APIs you know, the easier you solve. This is a service where we can upload a post and report it to the admin. ./app ├── Dockerfile ├── go.mod ├── go.sum ├── main.go ├── report.go ├── static │ └── style.css └── views ├── index.html └── note.html Let's check the core code of this challenge. ● main.go var conn *redi..
[ justCTF 2023 ] Perfect Product
·
🚩 CTF/2023
./perfect-product/ ├── Dockerfile ├── flag.txt └── src ├── app.js ├── package.json ├── package-lock.json ├── readflag ├── readflag.c ├── static │ └── img └── views ├── index.ejs └── product.ejs There is a flag.txt file and a binary of "readflag". # Dockerfile FROM debian:sid ENV NODE_ENV "production" RUN apt update && \ apt install -y curl && \ curl -sL https://deb.nodesource.com/setup_18.x | bash..