Description:
Get the admin password!
http://gap.chal.ctf.westerns.tokyo/
You can use test:test
Solution:
1. Trying injection in the user/password fields, such as SQL injection, does not reveal any more information.
4. Try MongoDB injection with user=admin&password[$ne]=1, which successfully logs in as admin!
5. This challenge needs the admin password, so I try the regex operator to guess the admin's password, like user=admin&password[$regex]=^TWCTF{[Fuzz]
6. Set the payload type to Brute forcer with the character set from $ python -c "import string; print(string.printable)".
7. Set the Grep - Extract option, because a valid character returns HTTP status code 302 Found, redirecting to the index page.
8. Start the attack; the 1st character found is "w" :)
9. Continue fuzzing to find the remaining characters of the admin's password.
Flag: TWCTF{wasshoi!summer_festival!}
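Why steps 4 and 5 work, and the input check that stops them, as an added example that is not part of the original write-up or the challenge's code. It assumes the server expands bracketed form keys into nested objects and passes them unchanged into a MongoDB-style query; `users`, `parseBody`, `matches` and both login functions are hypothetical, and the in-memory matcher only imitates `$ne` and `$regex`.

```javascript
// Added example with constructed data; no real database or network is used.
const users = [
  { user: "admin", password: "constructed-secret" },
  { user: "test", password: "test" },
];

// Assumption: the server's body parser expands "password[$ne]=1" into
// { password: { $ne: "1" } }, as qs-style parsers do.
function parseBody(body) {
  const out = Object.create(null);
  for (const [key, value] of new URLSearchParams(body)) {
    const m = /^([^\[\]]+)\[([^\[\]]+)\]$/.exec(key);
    if (!m) { out[key] = value; continue; }
    if (typeof out[m[1]] !== "object") out[m[1]] = Object.create(null);
    out[m[1]][m[2]] = value;
  }
  return out;
}

// Imitates MongoDB matching for plain equality, $ne and $regex only.
function matches(doc, query) {
  return Object.entries(query).every(([field, cond]) => {
    if (typeof cond !== "object") return doc[field] === cond;
    return Object.entries(cond).every(([op, arg]) => {
      if (op === "$ne") return doc[field] !== arg;
      if (op === "$regex") return new RegExp(arg).test(doc[field]);
      return false;
    });
  });
}

// Vulnerable: whatever the parser produced goes straight into the query.
function loginVulnerable(body) {
  const q = parseBody(body);
  return users.some((u) => matches(u, { user: q.user, password: q.password }));
}

// Hardened: credentials must be plain strings, so operator objects are rejected
// before a query is built.
function loginHardened(body) {
  const q = parseBody(body);
  if (typeof q.user !== "string" || typeof q.password !== "string") return false;
  return users.some((u) => matches(u, { user: q.user, password: q.password }));
}
```

In the vulnerable path, a `$regex` prefix that matches and one that does not give different login results, which is the same signal the write-up reads from the 302 redirect; the hardened path returns the same rejection for both.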