CHALLENGE DESCRIPTION SOLUTION We can view the source code of the web, we notice that the file’s name of the flags in xx.png format, but only 1 with xxx.png Download it and try to analyze with ...

CHALLENGE DESCRIPTION SOLUTION First, we can see half of the flag in the PDF file We can try something like strings or binwalk but nothing is interesting Let try exiftool and we can notice th...

CHALLENGE DESCRIPTION SOLUTION Install and Usage sudo apt install ruby sudo gem install zsteg zsteg -a img.png Solve We can try some thing like steghide or exiftool or strings but nothing seem...

CHALLENGE DESCRIPTION SOLUTION Manual We open pcap file with Wireshark, we can notice that there are some things look like Base64 strings, and some of them have same length. We search tcp.len =...

CHALLENGE HINT Flag2 We should try some sqlmap by saving our POST to a file named req and run the command sqlmap -r req --dump --batch Flag0 After reading the hints, we know that we need to us...

CHALLENGE HINT Flag0 Using FUZZ tool to brute force user password. Flag1 Change id=2 Flag2 We read the hint, inspect when create new post, we can see <input type='hiden'>, delete hiden a...

CHALLENGE HINT Flag0 Read the hint, we see vulnerability at check out page, let add kitten and puppy in our cart and check out. Inspect it and change the value of price to 0. Flag1 Use FUZZING ...

CHALLENGE HINT Flag0 After creating new page, we can notice our ID on URL. Hmmm, something wrong here, we can click on 2 provided pages and notice that their ID are 1 and 2, but our new page got ...

CHALLENGE DESCRIPTION SOLUTION We are provided nc verbal-sleep.picoctf.net 57819 to connect to the server. What we need to do is: Use hashid to indentify the hash type. Use hashcat -h | gre...

CHALLENGE DESCRIPTION SOLUTION They will give us a link to PicoCTF News By guessing, click all of the hashtags, we are redirected to api-docs page, and we can easily notice /headump at the bott...