search

HightechSec / web-ctf-container

A training platform with different Scenarios of CTF Web Challenges
24 stars 11 forks source link

Help solving rand() prediction #1

Open loan-mgt opened 1 year ago

loan-mgt commented 1 year ago

I've found this repo/project very useful.

I've managed to solve all of the challenges except the last one.

Could be useful to have a solution/explanation.

loan-mgt commented 9 months ago

📗 Solution I've found:

Strcmp v1.0:

password[]=

Help: Type Juggling - PayloadsAllTheThings

Strcmp v2.0:

http://localhost/otp/index.php?code[]=&code[]=&code[]=&code[]=&code[]=&code[]=&code[]=&code[]=&code[]=&code[]=&code[]=

Help: Type Juggling - PayloadsAllTheThings

Crack The Hash:

brontes33

Help: MD5Hashing - brontes33

Lucky numbers:

0095000

Help: Bypass is_numeric function - Reddit

Bypass like a 1337:

--data password= \
--data otpcode=

Help: Ducks - HackThisSite CTF Writeups