Write Up

Solution for Ramadhan Challenges

This challenge was created when I was confused about how to explain the LFI (Local File Inclusion) bug during a secure coding session at STTS. Since I was quite bored with LFI to local file read via wrappers, I searched for LFI to RCE methods other than through /proc/self/environ and found LFI to RCE via access log poisoning. However, because the hosting environment could not read log files in txt format, a file upload feature was created that only allows txt files. Below is the write-up.
SQL Injection Into XRDP Account Take Over

Well, maybe the title is a bit clickbait: SQL injection itself can't directly inject all the way to an RDP account takeover xD. Actually the initial goal was just to download anime on moesubs.com, but when opening the website there was a URL that looked very suspicious: https://moesubs.com/?hal=dlrilisan&id=591, so I tried checking with ' and the site returned an error. After the error I balanced it using an SQL comment --+- and the page returned to normal, okay let's continue …
Solution for Surabaya Hacker Link Challenges

Well, this post was made because the Surabaya Hacker Link challenges have been updated and many people were curious about this challenge but hadn't solved it yet and suggested making a video tutorial. Since I can't make a video, I'll just write it here instead. The updated challenge explains that we have to save John's website, and then we will be given a Telegram group link (flag). Initial appearance of the SHL challenge page.
Solution for 'Simple' Web Challenges

Preface: First of all, thanks to slashroot ctf, because without slashroot ctf I might not have been able to provide these challenges through dewaweb.com. Thanks to all players who took the time to try this 'simple' challenge. Notes: clue "recon, tools, sign-in, submit". This recon is very easy; actually you don't need to use tools or scanners. There are still many websites that store important things in HTML comments. It clearly shows info that the git repository (/.git/) was …

Is XSS Dangerous?

Background: From observing several IT groups that I follow, many people keep asking: Is XSS dangerous? How to upload a webshell via XSS? Why is my XSS bug report not responded to? Is it because XSS is not dangerous, or maybe because the web admin is already, you know what? More or less those are the questions that come up, so let's discuss together what the characteristics of XSS are. Definition: Cross-site scripting is a type of computer security vulnerability typically found in web applications. …