Information#
Version#
| By | Version | Comment |
|---|---|---|
| noraj | 1.0 | Creation |
CTF#
- Name : WhiteHat GrandPrix 2016
- Website : grandprix.whitehatvn.com
- Type : Online
- Format : Jeopardy
- CTF Time : link
Description#
http://web04.grandprix.whitehatvn.com
http://bakweb04.grandprix.whitehatvn.com:8118
Powered by People Security Academic - PSA
Solution#
TL;DR: Incomplete write-up.
Here is the home page:
Check the source code:
What's your name? I just want to say hello :)
<form>
<input name="hello" value="" />
<button type="submit">Send</button>
</form>
<!-- function hint() -->So let's try the hint function: http://web04.grandprix.whitehatvn.com/?hint=.
$blacklist = array("system", "passthru", "exec", "read", "open", "eval", "backtick", "`", "_");
die("No no no hackers!!");