CHALLENGE HINT Flag0 Read the hint, we see vulnerability at check out page, let add kitten and puppy in our cart and check out. Inspect it and change the value of price to 0. Flag1 Use FUZZING ...

CHALLENGE HINT Flag0 After creating new page, we can notice our ID on URL. Hmmm, something wrong here, we can click on 2 provided pages and notice that their ID are 1 and 2, but our new page got ...

CHALLENGE DESCRIPTION SOLUTION We are provided nc verbal-sleep.picoctf.net 57819 to connect to the server. What we need to do is: Use hashid to indentify the hash type. Use hashcat -h | gre...

CHALLENGE DESCRIPTION SOLUTION They will give us a link to PicoCTF News By guessing, click all of the hashtags, we are redirected to api-docs page, and we can easily notice /headump at the bott...

CHALLENGE DESCRIPTION SOLUTION Upload our payload <?php system($_GET["cmd"]); ?> We can see that our file is located at /uploads/[file] Now we inject to the URL /uploads/[file].php?cmd=s...

CHALLENGE DESCRIPTION SOLUTION SSTI1 As we know it has SSTI vulnerability, we can try this $ and we get the respond $7777777. Now input our payload: {request.application.__globals__.__builtins__...

Writeup ** Q1: Analyze the auth.log. What is the IP address used by the attacker to carry out a brute force attack?** We need to look for failure attempt Search for cat auth.log | grep "Failed pa...

DESCRIPTION Take in two numbers, a and b. Return a+b. Example Input: 3 4 Output: 7 SOLUTION a, b = int(input()), int(input()) print(a + b)

DESCRIPTION Take in a string. Print the reverse. Example Input: Test me Output: em tseT SOLUTION n = (input()) print(n[::-1])

DESCRIPTION Take in a number, print “odd” if odd and “even” if even. Example Input: 3 Output: odd SOLUTION n = int(input()) print("odd" if n % 2 != 0 else "even")