Published onJuly 18, 2023AmateurCTF '23 - Web - Funny Factorialswebamateurctf23lfiUtilizing LFI in the theme parameter to get the flag.
Published onJuly 18, 2023AmateurCTF '23 - Web - Latekwebamateurctf23latexpdftexUtilizing Latex to read files from the local system.
Published onJuly 18, 2023AmateurCTF '23 - Web - Waiting an Eternitywebamateurctf23integer-overflowflaskUtilizing integer overflow in the cookie to make the web-app wait for -inf time.
Published onJuly 3, 2023NED CTF'23 - Web - Auth Forgerywebnedctfauth-bypassssrfjwtAuth bypassing and using SSRF to get the flag.
Published onJuly 3, 2023NED CTF'23 - Web - Inclusionwebnedctffile-inclusionflaskInclusion was a very simple file inclusion challenge in which we had to include /flag.txt to read the flag.
Published onJuly 3, 2023NED CTF'23 - Web - Weakwebnedctfjwtweak-signing-keyUtilizing weak jwt signing key to forge a token.
Published onJune 25, 2023AUPCTF'23 - Web - Conundrumwebaupctfbrute-forcecsrfA detailed writeup for the web challenge `Conundrum` from AUPCTF'23
Published onJune 25, 2023AUPCTF'23 - Web - Directorywebaupctfbrute-forcedirectory-searchingDirectory was a simple directory searching challenge in which we had to find the flag by bruteforcing the directories and reading the innerhtml content.
Published onJune 25, 2023AUPCTF'23 - Web - Headerwebaupctfdjangohttp-headersThe name of challenge was a hint towards HTTP Headers, so we just had to send a custom header to get the flag
Published onJune 25, 2023AUPCTF'23 - Web - SQLi 1webaupctfsqlilogin-bypassBasic SQL Injection to bypass login
Published onJune 25, 2023AUPCTF'23 - Web - SQLi 2webaupctfsqlilogin-bypassAnother basic SQLi to bypass to admin panel
Published onJune 25, 2023AUPCTF'23 - Web - Starterwebaupctfsource-code-analysisStarter was a very easy web challenge in which flag could be found using basic source code analysis.
Published onJune 25, 2023AUPCTF'23 - Web - Time Heistwebaupctfarchive.orgwayback-machineTime Heist was a simple web challenge in which we had to find the flag by looking at a tag in a website which was later deleted.