http://wargames.my/wgmy2012/
Last year,the game dominated by Kueytiow. He/She manage to solve two binary bonus challenge which made him started the game in a comfort zone.
Can view the last year result here
result
So for those that have interest to join this year wargames do register ASAP.
In my blog I'm gonna share with you some of the writeups for the previous challenge.
Web100
Available in wargames website, web100 writeups
Forensic200
OHMAIGAWD! It seems like we've been hacked! But what did the hackers steal? From the logs, it seems like they exploited an SQL injection bug on our website. Help us find the name of the database that they stole and we shall reward you handsomely.So players were given with a log to analyze them. You can get it here
From the logs, the attacker just use an automated tool;sqlmap to exploit the web. The injection use Blind technique. If you are good enough in Blind SQL injection,you should get the flag in less than a minute :) goodluck.
Flag = wgmy2011
more will be in my next post...hopefully :P
0 comments:
Post a Comment