Writeup WhiteHat GrandPrix - 100 - Banh bot loc - Web
Zakizak
# Sudo_root
Description
This URL was given to us: http://web05.grandprix.whitehatvn.com, and we were asked to find the flag.
Visiting the website, we saw something like this:
The login link goes to http://web05.grandprix.whitehatvn.com/index.php?username=guest&password=guest and says noob, like this:
Let’s look at the source code of the web page:
To show the secret value, it's clear that we have to get around this test:
if($Username.$key == md5($password))
The above line checks that the concatenation of the username and the key is equal to the md5 hash of the password.
Knowing the unexpected behavior of PHP's equal-to operator (==), the combination of username and password shown in the next figure gets around the condition and gets us the flag back, like this:
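The loose comparison behind this bypass, next to a hardened check, as an added example (not the challenge's source code). The key value, the inputs and the function names `loose_check` and `strict_check` are constructed for illustration; the challenge's real key and the inputs from the figure are not reproduced here.

```php
<?php
declare(strict_types=1);

// Added illustration, not the challenge's source. $key and all inputs are constructed.

// Same shape as the test quoted above: loose == applied to two strings.
function loose_check(string $username, string $key, string $password): bool
{
    // When BOTH operands are numeric strings, PHP compares them as numbers,
    // so "0e<digits>" on each side becomes 0.0 == 0.0.
    return $username . $key == md5($password);
}

// Hardened form: hash_equals() compares the bytes of both strings,
// in constant time, with no numeric conversion.
function strict_check(string $username, string $key, string $password): bool
{
    return hash_equals(md5($password), $username . $key);
}

$key = '1234'; // constructed stand-in for the server-side key

// md5('240610708') is 0e462097431906509019562988736854: "0e" followed only by
// digits, which PHP treats as a number in scientific notation (value 0).
$cases = [
    ['guest', '240610708'], // "guest1234" is not numeric: plain string compare
    ['0e',    '240610708'], // "0e1234" vs "0e4620...": both numeric strings
    ['0e',    'guest'],     // md5('guest') contains hex letters: not numeric
];

foreach ($cases as [$username, $password]) {
    printf(
        "username=%-6s password=%-10s loose=%-5s strict=%s\n",
        $username,
        $password,
        var_export(loose_check($username, $key, $password), true),
        var_export(strict_check($username, $key, $password), true)
    );
}
```

Replacing `==` with `===` also removes the numeric conversion; `hash_equals()` additionally makes the comparison constant-time.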