Tuesday, May 29, 2012

Wargames.My 2011 - writeups

This year there'll be another online ctf games a.k.a wargames in malaysia.Thanks to hackerspace community + TheSexyKambing
http://wargames.my/wgmy2012/
Last year,the game dominated by Kueytiow. He/She manage to solve two binary bonus challenge which made him started the game in a comfort zone.
Can view the last year result here
result

So for those that have interest to join this year wargames do register ASAP.

In my blog I'm gonna share with you some of the writeups for the previous challenge.

Web100
Available in wargames website, web100 writeups

Forensic200
OHMAIGAWD! It seems like we've been hacked! But what did the hackers 
steal? From the logs, it seems like they exploited an SQL injection bug 
on our website. Help us find the name of the database that they stole 
and we shall reward you handsomely.
So players were given with a log to analyze them. You can get it here
From the logs, the attacker just use an automated tool;sqlmap to exploit the web. The injection use Blind technique. If you are good enough in Blind SQL injection,you should get the flag in less than a minute :) goodluck.
Flag = wgmy2011

more will be in my next post...hopefully :P

Share:

0 comments: