CTF#2 Level 2

Url: http://ctf.infosecinstitute.com/ctf2/exercises/ex2.php
Description: Some folks have decided to make a web calculator. You, on the other side, think to play a prank on them. Your task is to inject the PHP statement that shows information about Apache and things like the PHP version, as well…

CTF#2 Level 1

Url: http://ctf.infosecinstitute.com/ctf2/exercises/ex1.php
Description: People want you to store your favorite links here. However, you are not into that, you just want to do some XSS magic to the page. Add an alert with the message ‘Ex1’ to the page (My Sites:)
Vulnerability: A3 Cross-Site Scripting…

Hidden Flag

Url: http://ctf.infosecinstitute.com/misc/readme.wav
Description: readme.wav
Solution: This hidden challenge can be seen using command execution on levelfifteen; there is a misc folder. Open readme.wav with the Audacity audio tool; it contains Morse code sound. To make it clearer, you can choose the readme dropdown on the left…

Level 15

Url: http://ctf.infosecinstitute.com/levelfifteen/index.php
Description: DNS Lookup
Bounty: $150
Solution: This challenge is command-line injection (you must know the Linux command line). When you input an address, for example 127.0.0.1, in the form, you will get output. Look at the ;127.0.0.1 lines: ‘;’ indicates you can input 2 command…

Level 14

Url: http://ctf.infosecinstitute.com/levelfourteen.php
Description: Do you want download level14 file?
Bounty: $140
Solution: Download the file, then identify it with the “find” command line in Linux; the file is of ASCII file type and contains a phpMyAdmin SQL dump. After scrolling to look for an interesting part, I found one…

Level 13

Url: http://ctf.infosecinstitute.com/levelthirteen.php
Description: What the heck happened here? It seems that the challenge here is gone? Can you find it? Can you check if you can find the backup file for this one? I’m sorry for messing up
Bounty: $130
Solution: First I’m very confused with this…

Level 12

Url: http://ctf.infosecinstitute.com/leveltwelve.php
Description: Dig deeper!
Bounty: $120
Solution: The content of the URL is the same as levelone.php. First I looked at the leveltwelve.php source code; it seemed normal, then I compared the levelone.php source code and the levelfour.php source code. I noticed that there is a difference in the…

Level 11

Url: http://ctf.infosecinstitute.com/leveleleven.php
Description: What another sound again? No it must not be a sound? But wait whaT?
Bounty: $110
Solution: The image is just the same as the image in levelten. Let’s check the other images (found in the source code), the php images; let’s open them with Hex Workshop…

Level 10

Url: http://ctf.infosecinstitute.com/levelten.php
Description: What kind of sound is this? Sorcery Perhaps? – Flag.wav
Bounty: $100
Solution: The file is a WAV audio file. After researching for a while, I opened the file with the Audacity program, then set the playback speed to 0.11x, and I got the flag. The flag…

Level 9

Url: http://ctf.infosecinstitute.com/levelnine.php
Description: CISCO IDS WEB LOGIN SYSTEM
Bounty: $90
Solution: You will be prompted to input a username and password. Let’s find the default password of that Cisco; hope it wasn’t changed. After googling around I found the username and the password.
Username: root
Password: attack…