Sunday, 21 February 2016

Internetwache CTF 2016 Replace with Grace


Service :

Solution :

The webpage had 3 parameters : search,replace and content

An example would be :
search : /cow/
replace : cat
content : cows are cute

output : cats are cute.

As the webpage uses php, I googled for php search and replace regex

Now I was clear that it uses preg_replace function. Searching for flaws in preg_replace I found that it is prone to command execution using the modifier "e"

This website explains it better :

Time for practicals

and there we have what we want. Isn't it ?

FLAG : IW{R3Pl4c3_N0t_S4F3}

No comments:

Post a Comment

enter valid comments.Suggestions are most welcome and would be interested in correcting my mistakes.