はまやんはまやんはまやん

hamayanhamayan's blog

CTF

Web Warm-up [ASIS CTF Quals 2020]

CTF

CTFtime.org / ASIS CTF Quals 2020 / Web Warm-up Warm up! Can you break all the tasks? I'll pray for you! read flag.php Link: http://69.90.132.196:5003/?view-source It shows us the source code. if(isset($_GET['warmup'])){ if(!preg_match('/[…

Trends and Countermeasures for JSON-Related Challenges in Web Security [JWT JSONP]

CTF

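This summary is mainly intended to be a reference usable in security contests (CTFs). Do not misuse it. Trying these techniques on ordinary servers without permission is probably a crime. Attack techniques against JSON Injection Explains the danger of the JSON structure being rewritten Separately from this, the received J…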

Trends and Countermeasures for Blind SQL Injection Challenges in Web Security

CTF

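This summary is mainly intended to be a reference usable in security contests (CTFs). Do not misuse it. Trying these techniques on ordinary servers without permission is probably a crime. Blind SQL Injection What is Blind SQL Injection? Blind SQL Injection | OWASP A type of SQL Injection where, on the screen…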

A Technique for Bypassing .innerHTML Sanitization

CTF

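CTFtime.org / redpwnCTF 2020 / Viper I'm noting down the "technique for bypassing innerHTML sanitization" that came up in a writeup for this challenge. I haven't properly tested it, so sorry if it doesn't work. Source: CTFtime.org / redpwnCTF 2020 / Viper / Writeup What kind of situation this is about…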

Trends and Countermeasures for SQL Injection Challenges in Web Security

CTF

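This summary is mainly intended to be a reference usable in security contests (CTFs). Do not misuse it. Trying these techniques on ordinary servers without permission is probably a crime. SQL Injection (SQLi) What is SQL injection? CWE-89 SQL Injection Into an SQL statement…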

Zh3r0 CTF 2020 Web Writeup Roundup

CTF

CTFtime.org / Zh3r0 CTF I couldn't find much time this week… Title Points Solvers Writeup Tokens 50 215/810 Web-Warmup [Zh3r0 CTF 2020] - はまやんはまやんはまやん Web-Warmup 50 671/810 Tokens [Zh3r0 CTF 2020] - はまやんはまやんはまやん Google Sour…

fsociety [Zh3r0 CTF 2020]

CTF

Chall Link : http://web.zh3r0.ml:6565/ I hate this society. Author : Cryptonic007,Finch Automated tools allowed. Looking at the source code, there is a robot.gif, so let's start by checking /robots.txt. It points us to /elliot.html. "check my js" …

Google Source code [Zh3r0 CTF 2020]

CTF

Google Source code Chall Link : http://web.zh3r0.ml:7777/ you dont get anything free except the source code. Try to search it and also I never liked to upload my homework in google classroom. Help me hack this website please :) The source…

Tokens [Zh3r0 CTF 2020]

CTF

The flag was sent by Mr.4N0NYM4U5 to my victim. But i dont have the username and password of the victim to login into the discord account. The only thing i have is a god damn token. Can you help me to get the flag. Ill give you the token a…

Web-Warmup [Zh3r0 CTF 2020]

CTF

Chall Link : http://web.zh3r0.ml:8080/ Easy peasy. Author : careless_finch We are given a huge image. First, let's look at the source code. There are /bg.css and /warm.jpg. The jpg is just an image, so looking at the css instead, the flag is written there.

B'omarr Style [NahamCon CTF 2020]

CTF

I haven't solved this one all the way through. The classic! A grilled-to-perfection patty topped with all the fixin's-- a slice of Gonzo yellow cheese, Revwien lettuce, topato slices, grilled Ojomian onions and... Note, it is recommended to clear your cookies for…

Seriously [NahamCon CTF 2020]

CTF

We are very serious about plants. Seriously, we are. I'm serious. Connect here: http://one.jh2i.com:50007 http://two.jh2i.com:50007 http://three.jh2i.com:50007 http://four.jh2i.com:50007 http://five.jh2i.com:50007 A site where you can buy plants. Products…

Flag Jokes [NahamCon CTF 2020]

CTF

Want to hear a joke? Want the flag? How about both? Why don't YOU tell me a joke! Note, it is recommended to clear your cookies for this challenge as some may have the same names used in other challenges. Want to hear a joke? Want a flag? …

NahamCon CTF 2020 Web Writeup Roundup

CTF

Hmm, I really only solved the challenges that take about one step… CTFtime.org / NahamCon CTF Title Points Solvers Writeup Agent 95 50 1788/2854 Agent 95 [NahamCon CTF 2020] - はまやんはまやんはまやん Localghost 75 1375/2854 Localghost [NahamCon CTF 2020] -…

Rejected Sequel [NahamCon CTF 2020]

CTF

Look at all these movie sequels that never got released! Will yours make it through?? Connect here: http://jh2i.com:50008 We are given a site that returns a list of movies. Looking at the source code, it says , so let's try putting that in for now. /index.php?debug…

Extraterrestrial [NahamCon CTF 2020]

CTF

Have you seen any aliens lately? Let us know! The flag is at the start of the solar system. Connect here: http://jh2i.com:50004 Entering something arbitrary results in Invalid document end. Entering something like aaaaaaaaaaaaaaaaaaaaaaaaaaaa results in Not well-forme…

Official Business [NahamCon CTF 2020]

CTF

Are you here on official business? Prove it. Connect here: http://jh2i.com:50006 A login screen appears. Trying something like a:b for now comes back as Forbidden. Entering ' also gives Forbidden. Now, what should we try first? It says to log in as admin…

Phphonebook [NahamCon CTF 2020]

CTF

Ring ring! Need to look up a number? This phonebook has got you covered! But you will only get a flag if it is an emergency! Ring ring! Do you need to look up a number? This phonebook has you covered! But a flag can only be raised in an emergency…

Localghost [NahamCon CTF 2020]

CTF

BooOooOooOOoo! This spooOoOooky client-side cooOoOode sure is scary! What spoOoOoOoky secrets does he have in stooOoOoOore?? Connect here: http://jh2i.com:50003 Note, this flag is not in the usual format. .-. .' `. :g g : : o `. : ``. : `.…

Agent 95 [NahamCon CTF 2020]

CTF

They've given you a number, and taken away your name~ Connect here: http://jh2i.com:50000 You don't look like our agent! We will only give our flag to our Agent 95! He is still running an old version of Windows... If the User agent is changed appropriately…

C0llide? [Really Awesome CTF 2020 / RACTF2020]

CTF

https://ctftime.org/event/1051 A target service is asking for two bits of information that have the same "custom hash", but can't be identical. Looks like we're going to have to generate a collision? http://88.198.219.20:33543/ if ((one.le…

Entrypoint / Baiting / Admin Attack / Insert witty name / Xtremely Memorable Listing / Vandalism [Really Awesome CTF 2020 / RACTF 2020]

CTF

https://ctftime.org/event/1051 http://88.198.219.20:24271/ Entrypoint Sadly it looks like there wasn't much to see in the python source. We suspect we may be able to login to the site using backup credentials, but we're not sure where they…

Quarantine / Quarantine - Hidden information / Getting admin / Finding server information [Really Awesome CTF 2020 / RACTF 2020]

CTF

https://ctftime.org/event/1051 http://88.198.219.20:31901/ Quarantine See if you can get access to an account on the webapp. Quarantine - Hidden information Challenge instance ready at 88.198.219.20:31901. We think there's a file they don'…

TJCTF 2020 Web Writeup Roundup

CTF

CTFtime.org / TJCTF 2020 Title Points Solvers Writeup Broken Button 10 1133/1209 Broken Button [TJCTF 2020] - はまやんはまやんはまやん Login 30 674/1209 Login [TJCTF 2020] - はまやんはまやんはまやん Sarah Palin Fanpage 35 595/1209 Sarah Palin Fan…

Moar Horse 4 [TJCTF 2020]

CTF

Written by nthistle It seems like the TJCTF organizers are secretly running an underground virtual horse racing platform! They call it 'Moar Horse 4'... See if you can get a flag from it! Source https://moar_horse.tjctf.org/ A dimly lit, shady…

Circus [TJCTF 2020]

CTF

Written by KyleForkBomb They called me a clown for using PHP, but little did they know I used military-grade SHA256! I'll bet you can't even login to a single account! Note: brute force is not required http://circus.tjctf.org/ A tidy-looking site…

File Viewer [TJCTF 2020]

CTF

Written by saisree So I've been developing this really cool site where you can read text files! It's still in beta mode, though, so there's only six files you can read. http://file_viewer.tjctf.org/ Hint: The flag is in one directory somew…

Congenial Octo Couscous [TJCTF 2020]

CTF

Written by avz92 Team Congenial-Octo-Couscous is looking to replace one of its members for the Battlecode competition, who carried the team too hard and broke his back. Until a neural net can take his place, the team wants a 4th member. Fi…

Weak Password [TJCTF 2020]

CTF

Written by saisree It seems your login bypass skills are now famous! One of my friends has given you a challenge: figure out his password on this site. He's told me that his username is admin, and that his password is made of up only lower…

Login Sequel [TJCTF 2020]

CTF

Written by saisree Login as admin you must. This time, the client is of no use :(. What to do? https://login_sequel.tjctf.org/ Investigation First I try entering a ' but the response does not change. Looking at the source code, there is a hint written in it.