I participated at the HackIT 2017 CTF with team sec0d, and we finished first. As requested by some other teams, here's a write-up for the Web200 CTF challenge of HackIT 2017.

The application seems pretty straightforward: we can register with a username, a password, and a secret. The goal of the challenge is to recover the secret of an administrator.

Solution

Checking the source of the profile page, we can see some interesting information:

First, the secret is shown in an input tag. We can see that we can edit part of our profile as well by using edit.php. This page will edit the "about" field of our user. We can also see that there is an administrator function commented out in the HTML, hinting at a potential XSS or similar attack, as the administrator will have a list of updated statuses in his dashboard.

XSS attempts will prove unsuccessful, as we do not have access to the characters and we are not in an attribute. A bbcode function is however enabled on the application, allowing us to input interesting data; for example, Message will be translated to Message.

Testing all possible bbcodes, one in particular will be interesting to us: color. With the color bbcode injected, we can see the result:

As shown in the screenshot, the parameter "test" is inserted inside a style tag, and since other characters are not correctly filtered, we can do a CSS injection:

Using that as input will change the background image of some HTML tags and generate a request to our website.
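To make the flaw concrete, here is an added example that is not the challenge's code: a minimal, assumed bbcode renderer that copies the color value straight into a style attribute (the bug the write-up exploits), next to a hardened version that only accepts a real color value, plus a small check a defender could run over rendered output.

```python
import re
import html

# Constructed example (not the challenge's code): a minimal bbcode renderer
# that turns [color=VALUE]text[/color] into a styled <span>. The "vulnerable"
# version reproduces the flaw described in the write-up: the color value is
# copied into the style attribute without validation, so CSS syntax survives.
COLOR_TAG = re.compile(r"\[color=([^\]]*)\](.*?)\[/color\]", re.DOTALL)

def render_vulnerable(text: str) -> str:
    """Interpolates the raw color value into the style attribute."""
    def repl(m):
        color, body = m.group(1), m.group(2)
        return f'<span style="color:{color}">{html.escape(body)}</span>'
    return COLOR_TAG.sub(repl, text)

# Hardened version: accept only a hex color or a short alphabetic name.
# Anything else (semicolons, url(), quotes, whitespace) is rejected and the
# tag body is rendered as plain escaped text with no style attribute at all.
SAFE_COLOR = re.compile(r"#[0-9a-fA-F]{3}|#[0-9a-fA-F]{6}|[a-zA-Z]{1,20}")

def render_hardened(text: str) -> str:
    def repl(m):
        color, body = m.group(1), m.group(2)
        if not SAFE_COLOR.fullmatch(color):
            return html.escape(body)  # refuse to emit any style for a bad value
        return f'<span style="color:{color}">{html.escape(body)}</span>'
    return COLOR_TAG.sub(repl, text)

def style_contains_css_injection(rendered: str) -> bool:
    """Detection helper: flags a style attribute carrying more than a color."""
    for style in re.findall(r'style="([^"]*)"', rendered):
        if ";" in style or "url(" in style.lower():
            return True
    return False

# Constructed sample inputs: a legitimate color and one smuggling extra CSS
# (the host name is a placeholder, not a real site).
LEGIT = "[color=red]hello[/color]"
INJECT = "[color=red;background:url(//example.invalid/x)]hello[/color]"
```

Running the two renderers over INJECT shows the vulnerable output carries a second CSS declaration that the checker flags, while the hardened output drops the style entirely.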