[CH] forum - HackMD

FlyDragon

Step.1

用題目給的帳號登入

Image Not Showing Possible Reasons

The image was uploaded to a note which you don't have access to
The note which the image was originally uploaded to has been deleted

Learn More →

登入後可以看到三篇貼文，且三篇的標題都可以點擊跳轉至對應頁面

Image Not Showing Possible Reasons

The image was uploaded to a note which you don't have access to
The note which the image was originally uploaded to has been deleted

Learn More →

Step.2

查看貼文，發現頁面為 post{index}.php

Image Not Showing Possible Reasons

The image was uploaded to a note which you don't have access to
The note which the image was originally uploaded to has been deleted

Learn More →

查看post0.php 取得第一段 flag

Image Not Showing Possible Reasons

The image was uploaded to a note which you don't have access to
The note which the image was originally uploaded to has been deleted

Learn More →

Step.3

查看第三篇貼文，發現有編輯的按鈕，按下後得知僅有 admin 可以編輯貼文

Image Not Showing Possible Reasons

The image was uploaded to a note which you don't have access to
The note which the image was originally uploaded to has been deleted

Learn More →

嘗試 sql injection 登入網站

username : admin
password : ' or 1=1#

Image Not Showing Possible Reasons

The image was uploaded to a note which you don't have access to
The note which the image was originally uploaded to has been deleted

Learn More →

成功登入網站

Image Not Showing Possible Reasons

The image was uploaded to a note which you don't have access to
The note which the image was originally uploaded to has been deleted

Learn More →

Step.4

查看第三篇貼文，發現沒有編輯按鈕，推測兩點

僅可編輯自己的貼文
僅有 admin 可編輯貼文

第一篇貼文的 Author 為 admin ，嘗試編輯貼文

Image Not Showing Possible Reasons

The image was uploaded to a note which you don't have access to
The note which the image was originally uploaded to has been deleted

Learn More →

取得 flag

Step.1

Step.2

Step.3

Step.4

Read more

[CH] Cookie Stealer

[EN] Cookie Stealer

LoTuX CTF 投稿說明

[EN] Rev C 2