Solving dorsia2 from WPICTF CTF 2020

Posted on Mon 20 April 2020 in CTF by 0xm4v3rick • Tagged with webappsec, file read, writeup, lfi

Local File Inclusion (LFI) in the code C code supplementing the web server.


Continue reading

Solving autograder from WPICTF CTF 2020

Posted on Mon 20 April 2020 in CTF by 0xm4v3rick • Tagged with webappsec, file read, writeup

Challenge involving application allowing C code compilation which could be exploited to read files.


Continue reading

Solving Screenshoter from FireShell CTF 2020

Posted on Mon 23 March 2020 in CTF by 0xm4v3rick • Tagged with webappsec, phantomjs, file read, writeup

Challenge based on CVE-2019-17221 - arbitrary file read in PhantomJS through 2.1.1.


Continue reading

Solving URL to PDF from FireShell CTF 2020

Posted on Mon 23 March 2020 in CTF by 0xm4v3rick • Tagged with webappsec, PDF generators, file read, writeup

Challenge based on the talk Owning the clout through SSRF and PDF generators.


Continue reading