CTF#2 Level 9

Url: http://ctf.infosecinstitute.com/ctf2/exercises/ex9.php Description: It seems you were automatically logged in as John Doe. Try to find a way to be logged in as the user Mary Jane in order to see her profile. Vulnerability: OWASP A2 Broken Authentication and Session Management Solution: This should be…

CTF#2 Level 3

URL: http://ctf.infosecinstitute.com/ctf2/exercises/ex3.php Description: You are on Level 3. You know that the users are stored on an ordinary text file. You also know that for this to work there are some parameter delimiters used. Your task is to create an account that would be an…

CTF#2 Level 2

Url: http://ctf.infosecinstitute.com/ctf2/exercises/ex2.php Description: Some folks have decided to make a web calculator. You, on the other side, think to play a prank on them. Your task is to inject the PHP statement that shows information about Apache and things like the PHP version, as well…