13. 3. Tryout (Web 10)
Can you find out the flag?
http://172.23.246.101
/97a8a726877677ca7d4b8d9d4bf68d38/
14. 3. Tryout (Web 10)
- 普通にアクセスすると”You are not admin. To
acquire the flag, you have to be admin.”とだ
け返ってくる
- Cookieを見ると”admin=false”というのがある
- これをtrueに書き換えてあげると良さそう
15. 3. Tryout (Web 10)
FLAG
{DO_NOT_BELIEVE_THE_INPUT_FROM_US
ERS}
18. 7. ctf4bbs (Web 500)
This is my first web application. Plz find the
vulnerabilities, and hack this. The flag is in the
browser the administrator uses.
http://172.23.246.101
/21895b22c975deab9423b8b5e0bbe783/
19. 7. ctf4bbs (Web 500)
- “The flag is in the browser the administrator
uses.”とあるのでXSS問題っぽい
31. 18. ENCRYPTION! (Crypt 10)
- JRYPBZR GB PGS SBE ORTVAAREF VA
FRPHEVGL PNZC 2015. GUVF VF GUR
GRFG DHRFGVBA SBE PGS
ORTVAAREF. WHFG QRPELCG JVGU
GUR EBG13 NAQ ERNQ VG. OL GUR JNL,
GUR SYNT VF SYNT
{RAWBLRAPELCGVBA}. RAWBL!
32. 18. ENCRYPTION! (Crypt 10)
- 明らかにrot13なので適当にデコードすると
WELCOME TO CTF FOR BEGINNERS IN SECURITY
CAMP 2015. THIS IS THE TEST QUESTION FOR
CTF BEGINNERS. JUST DECRYPT WITH THE
ROT13 AND READ IT. BY THE WAY, THE FLAG IS
FLAG{ENJOYENCRYPTION}. ENJOY!