Hacker101 – H1 Thermostat

Hi guys, hope you are having a nice day. The CTF we will be doing is an Android APK, so we have to decompile it to analyze the source code. Overview: H1 Thermostat; Level: Easy; Total Flags: 2. After decompiling the APK, first look at the AndroidManifest.xml; this XML file will tell you what packages…

Hacker101 – Ticketastic

On to another CTF in Hacker101, Ticketastic: Live Instance. I will go straight to the point: after playing around with the demo instances, I found out the website is vulnerable to an XSS attack when submitting an XSS script via the ‘Submit a Ticket’ page. And since the hint given to us is “This level and the Ticketastic…

Hacker101 – Intentional Exercise

Hi guys, a brand new day means a brand new CTF for us to do 🙂 For today, we will be looking through the Android APK. Same as the ‘Hello World!’ CTF, in order to know how the application works, we have to decompile it and look through the source code. I decompiled the Android APK, unzip…

Hacker101 – “Hello World!”

Hi guys!!! Happy 2020 to you all. Hope you have a New Year's resolution to solve CTFs ahahahah (just joking). Today, we will be doing the Hacker101 CTF “Hello World!”. So based on the website, there is an input box ‘STDIN’ and a link to download a vulnerable binary program. The first hint given for this…

Hacker101 – BugDB v3

We have now arrived at the last version of BugDB, version 3. At this post/stage, if you are reading it, you should have a bit of understanding of how the queries work, and explore the schema in the GraphiQL client browser. Leggo!!!! BugDBv3!!!! The given hint is “What new functionality was added?”. This brought me to…

Hacker101 – BugDB v2

Alright, let’s get started with BugDBv2. Similar to the first BugDBv1, it is on GraphiQL. For this BugDBv2, there is an additional ‘Root’ type called ‘mutation’. You can find it under the tab button called ‘Docs’. Click on ‘MyMutations’ and it will show you a field structure. I searched up what ‘Mutation’ is in GraphiQL,…

Hacker101 – BugDBv1

Hi all, hope you have a nice day at work. Today I will be doing a GraphiQL CTF. This CTF requires a bit of knowledge of GraphiQL; though I did not have any idea about GraphiQL, I went to search it up and understood that the query format is in JSON format. So, I was lazy…

Hacker101 – Postbook

Hi guys, hope you all have a nice weekend. Today we will be covering Postbook from the Hacker101 CTF. Overview: Name: Postbook; Difficulty: Easy; Total Flags: 7. Though there are a total of 7 flags, it is quite easy to solve, and since I am editing this post while doing the CTF in the morning, I…

Hacker101 – Micro-CMS v2 (Manual Blind SQLi)

Previously, I wrote in the post that though I used the sqlmap tool to automate SQL injection, I would be doing the blind SQL injection blindly and I will explain the concept behind it. Do note that this write-up only does blind SQL injection for Flag 2 of Micro-CMSv2. Before we start, let consolidated…

Hacker101 – Micro-CMS v2 part 2 (Flag 1 & 2)

Hi guys, hope that you are having fun solving CTFs. Yesterday, I posted a write-up on flag 0 of Micro-CMS, and so for today we will continue to solve the remaining flags of Micro-CMS v2. Flag 1: The given hint is “What actions could you perform as a regular user on the last level,…
