🚨 I uploaded files to my repository: https://github.com/arkark/my-ctf-challenges/tree/main/challenges/202409_IERAE_CTF_2024/web/leakleakleak
- CTFtime: https://ctftime.org/event/2441/
You can download challenge files from: leakleakleak.tar.gz
🚨 I uploaded files to my repository: https://github.com/arkark/my-ctf-challenges/tree/main/challenges/202409_IERAE_CTF_2024/web/leakleakleak
You can download challenge files from: leakleakleak.tar.gz
I expect that the intended solution is to prepare a server that returns a crafted Content-Type header. However, I solved this challenge without preparing the server :)
I solved two web challenges: required notes
and required notes revenge
. Although the intened solution is XS-Leak, I found RCE solution even for the revenge challenge!
I solved all web and some misc challenges. This gist shows my solvers for two hard web challenges: quickstyle
and biscuit-of-totality
.
Just cheat.
<body>
My solution:
$ nc 34.84.217.62 30002
Who will do this?