[CTF] CTFLearn.com – Basic Injection

Ok, here is the solution for the very basic SQL injection CTF located on https://web.ctflearn.com/web4/. When you load the page you see this: There is nothing to do here, except entering some inputs, which leads nowhere. So, I checked the source code of the webpage. Very simple stuff, but look at that comment line. I tried… Continue reading [CTF] CTFLearn.com – Basic Injection

[WriteUp] Tr0ll

  Let's scan our network to find the machine first. nmap -sn Starting Nmap 7.60 ( https://nmap.org ) at 2017-10-11 13:39 +03 Nmap scan report for Host is up (0.019s latency). MAC Address: 00:50:56:01:06:28 (VMware) Nmap scan report for Host is up (0.00065s latency). MAC Address: 08:00:27:62:C8:63 (Oracle VirtualBox virtual NIC) Nmap… Continue reading [WriteUp] Tr0ll

[WriteUp] OverTheWire – Natas – Part 1

OverTheWire hosts some cleverly designed war games and Natas is one them which is focusing on web security. It has 27 steps in total where it starts with the simplest challenge and gradually becomes more difficult. To access the next level, you have to capture the flag of the previous one. Let's start. Level 0… Continue reading [WriteUp] OverTheWire – Natas – Part 1