search

Web Exploitation

hashtag
GET aHEAD [20 pts] [Not Solved]

Description

Find the flag being held on this server to get ahead of the competition http://mercury.picoctf.net:53554/arrow-up-right

Solution

a

Flag:

hashtag
Cookies [40 pts] [Not Solved]

Description

Who doesn't love cookies? Try to figure out the best one. http://mercury.picoctf.net:6418/arrow-up-right

Solution

a

Flag:

hashtag
Scavenger Hunt [50 pts] [Not Solved]

Description

There is some interesting information hidden around this site http://mercury.picoctf.net:27278/arrow-up-right. Can you find it?

Solution

a

Flag:

hashtag
Some Assembly Required 1 [70 pts] [Not Solved]

Description

http://mercury.picoctf.net:1896/index.htmlarrow-up-right

Solution

a

Flag:

hashtag
More Cookies [90 pts] [Not Solved]

Description

I forgot Cookies can Be modified Client-side, so now I decided to encrypt them! http://mercury.picoctf.net:25992/arrow-up-right

Solution

a

Flag:

hashtag
It is my Birthday [100 pts] [Not Solved]

Description

I sent out 2 invitations to all of my friends for my birthday! I'll know if they get stolen because the two invites look similar, and they even have the same md5 hash, but they are slightly different! You wouldn't believe how long it took me to find a collision. Anyway, see if you're invited by submitting 2 PDFs to my website. http://mercury.picoctf.net:57247/arrow-up-right

Solution

a

Flag:

hashtag
Who are you? [100 pts] [Not Solved]

Description

Let me in. Let me iiiiiiinnnnnnnnnnnnnnnnnnnn http://mercury.picoctf.net:39114/arrow-up-right

Solution

a

Flag:

hashtag
Some Assembly Required 2 [110 pts] [Not Solved]

Description

http://mercury.picoctf.net:15406/index.html arrow-up-right

Solution

a

Flag:

hashtag
Super Serial [130 pts] [Not Solved]

Description

Try to recover the flag stored on this website http://mercury.picoctf.net:8404/arrow-up-right

Solution

a

Flag:

hashtag
Most Cookies [150 pts] [Not Solved]

Description

Alright, enough of using my own encryption. Flask session cookies should be plenty secure! server.pyarrow-up-right http://mercury.picoctf.net:52134/arrow-up-right

Solution

a

Flag:

hashtag
Some Assembly Required 3 [160 pts] [Not Solved]

Description

http://mercury.picoctf.net:10388/index.htmlarrow-up-right

Solution

a

Flag:

hashtag
Web Gauntlet 2 [170 pts] [Not Solved]

Description

This website looks familiar... Log in as admin Site: http://mercury.picoctf.net:26215/arrow-up-right Filter: http://mercury.picoctf.net:26215/filter.phparrow-up-right

Solution

a

Flag:

hashtag
Some Assembly Required 4 [200 pts] [Not Solved]

Description

http://mercury.picoctf.net:43997/index.htmlarrow-up-right

Solution

a

Flag:

hashtag
X marks the spot [250 pts] [Not Solved]

Description

Another login you have to bypass. Maybe you can find an injection that works? http://mercury.picoctf.net:59946/arrow-up-right

Solution

a

Flag:

hashtag
Web Gauntlet [300 pts] [Not Solved]

Description

Last time, I promise! Only 25 characters this time. Log in as admin Site: http://mercury.picoctf.net:29772/arrow-up-right Filter: http://mercury.picoctf.net:29772/filter.phparrow-up-right

Solution

a

Flag:

hashtag
Bithug [500 pts] [Not Solved]

Description

Code management software is way too bloated. Try our new lightweight solution, BitHug. Source: distribution.tgzarrow-up-right

Solution

a

Flag:

PreviousCryptographyNextHackiHoli

Last updated