md5 collisions and the way php interprets types (php hash collisions)

As I was recently working on the Homeless vulnhub CTF by Min Ko Ko, one of steps required to proceed further contained the following code: Continue reading “md5 collisions and the way php interprets types (php hash collisions)”

CTF: Basic Pentesting (a guide for beginners)

The Basic Pentesting CTF is a very basic beginner’s level CTF, which can be taken in just a few minutes. The remote attack vector on the machine is a  direct way to get root in case you just read and understand the description of the exploit, so anyone reading this may benefit a bit more from the second attack vector I described. Continue reading “CTF: Basic Pentesting (a guide for beginners)”

USV 2017 CTF walkthrough

In this post I’ll present a walkthrough on the methods I used for the vulnhub VM which presents the  USV 2017 CTF competition, which is held each year in Suceava University, created by Oana Stoian and Teodor Lupan from Safetech Innovations (Bucharest, RO) Continue reading “USV 2017 CTF walkthrough”