Welcome back on Exploitnetworking. SimpleAuth is a web challenge of TokyoWesterns CTF. The base of this challenge is manipulate the php function parse_str to bypass auth control and get the flag. Below there is the source code of back-and:
For print the flag, our goal is bypass this condiction:
Only way to bypass it is set hashed_password variable. For this purpose we can use parse_str function, and set hashed_password in url whitout set user and pass. In this way we have hashed_password equal to hash value. Then we can use this url:
And get the flag:
Interessant Security/Hacking books:
https://amzn.to/2Tclhs0
https://amzn.to/2v400ZA
https://amzn.to/2PkStfL
https://amzn.to/2PkStfL
Leave A Comment