Monday, 25 June 2018

billu b0x - CTF

While I was waiting for the results from john from the last post, I decided to run another VM with a new CTF box. This time I tried "billu: b0x" - a machine prepared by Manish Kishan Tanwar. I started from...

... the webpage ;)


Yeah. So we should show some sql-ninja-rap-style... right?

Right? ;]


The phpmy directory revealed some more files, for example:

Next dir (with indexing enabled):

Let's rescan the webserver with the new param:




Good. Next:

Trying harder... ;]


Yes. So...

Maybe now it's the time to check the file parameter with POST?

What the hack!? ;[

After a while - the reason was simple enough to proceed:

Now it's easier:

Checking more files:

What about c.php?

Let's check it:

We will get back to it later... because I found this one response:


Looks good. Reading the content of file:


I decided to check it with my 'new' cookies:

Now we are here:

Ok, let's move to PMA for now. Checking password:


... after I tried a few small tricks:

I decided to look around and grab some interesting info (if there is any...;> )

Ok cool. I was wondering if there would be some kind of PMA config to find, and after a while I found the setup directory:

Cool, but still not there.

you wish ;]

Next thing:

Good good, but we need to enable 'save' button first:

After no luck:

...I tried to read ('maybe' some) old config-file... This is what I found:



