SimpleAuth

Welcome back to Exploitnetworking. SimpleAuth is a web challenge from TokyoWesterns CTF. The core of this challenge is manipulating the PHP function parse_str to bypass the auth check and get the flag. Below is the source code of the back end:


To print the flag, our goal is to bypass this condition:


The only way to bypass it is to set the hashed_password variable. For this purpose we can use the parse_str function and set hashed_password in the URL without setting user and pass. This way, hashed_password is equal to the hash value. We can then use this URL:


And get the flag:

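The following is an added example, not the challenge's source or the author's code: it contrasts the variable-overwrite pattern described above with a hardened check. Single-argument parse_str was removed in PHP 8.0, so extract() stands in for it here; the function names, the use of sha256 and the demo credentials are assumptions made for illustration.

```php
<?php
// Constructed stand-in for the stored hash (not the challenge's value).
function expected_hash(): string {
    return hash('sha256', 'demo-user' . 'demo-pass');
}

// Vulnerable pattern: query parameters become local variables.
// parse_str($query) with one argument did this directly until PHP 8.0;
// extract() on the parsed array reproduces the same effect on current PHP.
function check_legacy(string $query): bool {
    parse_str($query, $parsed);
    extract($parsed); // the request now controls any local variable name
    if (!empty($user) && !empty($pass)) {
        $hashed_password = hash('sha256', $user . $pass);
    }
    // $hashed_password may come from the request instead of the hash() above.
    return !empty($hashed_password) && $hashed_password === expected_hash();
}

// Hardened: parameters stay in an array and the hash is always derived
// server-side from the supplied credentials.
function check_hardened(string $query): bool {
    parse_str($query, $params);
    $user = $params['user'] ?? '';
    $pass = $params['pass'] ?? '';
    // Reject missing values and array-typed parameters such as user[]=x.
    if (!is_string($user) || !is_string($pass) || $user === '' || $pass === '') {
        return false;
    }
    return hash_equals(expected_hash(), hash('sha256', $user . $pass));
}

// Constructed requests covering the three cases.
$requests = [
    'valid credentials' => 'action=auth&user=demo-user&pass=demo-pass',
    'wrong password'    => 'action=auth&user=demo-user&pass=nope',
    'variable injected' => 'action=auth&hashed_password=' . expected_hash(),
];
foreach ($requests as $label => $q) {
    printf("%-18s legacy=%-5s hardened=%s\n", $label,
        var_export(check_legacy($q), true),
        var_export(check_hardened($q), true));
}
```

Only the third request separates the two functions: the legacy check accepts it because the comparison reads a request-supplied variable, while the hardened check rejects it because no credentials were provided.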
