Meeting 2 Labs
Meeting 2: SQLi, LFI and Automating Attacks¶
Resources¶
- Insomnia REST Client
- Send HTTP Requests Online
- Online PHP Sandbox
- PHP Documentation for include()
- PHP Documentation for wrappers
- CVV #1: Local File Inclusion
Labs¶
Some of these problems were taken from the ongoing PicoCTF2019 contest.
Warmup 0: Client-side-again (200 pts)¶
Problem:
Can you break into this super secure portal? https://2019shell1.picoctf.com/problem/32255/ or http://2019shell1.picoctf.com:32255
Hints:
- What is obfuscation?
Warmup 1: Irish-Name-Repo 1 (300 pts)¶
Problem:
There is a website running at https://2019shell1.picoctf.com/problem/47253/ or http://2019shell1.picoctf.com:47253. Do you think you can log us in? Try to see if you can login!
Hints:
- There doesn't seem to be many ways to interact with this, I wonder if the users are kept in a database?
- Try to think about how does the website verify your login?
Lab 1: Irish-Name-Repo 2 (350 pts)¶
Problem:
There is a website running at https://2019shell1.picoctf.com/problem/40968/. Someone has bypassed the login before, and now it's being strengthened. Try to see if you can still login! or http://2019shell1.picoctf.com:40968
Hints:
- The password is being filtered.
Lab 2: Irish-Name-Repo 3 (400 pts)¶
Problem:
There is a secure website running at https://2019shell1.picoctf.com/problem/21874/ (link) or http://2019shell1.picoctf.com:21874. Try to see if you can login as admin!
Hints:
- Seems like the password is encrypted.
Demo 1: cereal hacker 2 (500 pts)¶
Problem:
Get the admin's password. https://2019shell1.picoctf.com/problem/62195/ or http://2019shell1.picoctf.com:62195
Lab 3: http://lfi.warchall.net/¶
Problem
This is not a PicoCTF problem. Can you leak the source code of solution.php?
Hints:
- Try
php://filter/convert.base64-encode/...
Lab 4: http://rfi.warchall.net/¶
Problem
This is not a PicoCTF problem. Can you get a shell?
Hints:
- Can you gain RCE?
- Can you find a one-line PHP backdoor? (Use Google!)