Those are my challenges for multiple CTF I did since 2019 (sadly, I've no backups of my previous challenges :()
Phuck3
- Difficulty : 🔥🔥🔥🔥 (very hard)
- Solves : 0
- Main ideas : Bypass PHP open_basedir to read a flag
- Click to go on the challenge repo!
PHPrivate
- Difficulty : 🔥🔥🔥 (Hard)
- Solves : > 20 (fail in the code :()
- Main ideas : Use MySQL max_packet_size to make an uncatched query crash to return false == "" => login Bypass
- Click to go on the challenge repo!
ShoPHP
- Difficulty : 🔥🔥🔥🔥 (very hard)
- Solves : 1
- Main ideas : Use PHP bug #77115 to create a PHP array with duplicate keys to bypass SQL sanitization
- Click to go on the challenge repo!