Hacktoday Quals 2018 - Legcounter

Problem http://103.56.207.107:50001 <?php include ('init.php'); session_start(); $upload_dir = "uploads/"; $upload_check = 1; $imageFileType = strtolower(pathinfo($_FILES["legpic"]["name"], PATHINFO_EXTENSION)); $file_ = $upload_dir . md5(random_bytes(32)) . '.' . $imageFileType; if (isset($_POST["submit"]) && isset($_POST['token'])) { $check = getimagesize($_FILES["legpic"]["tmp_name"]); if ($check !== false) { $upload_check =...

Monstra CMS - 3.0.4 Login Rate Limiting Bypass

CVE-2018-11678 Exploit Title: Monstra CMS <= 3.0.4 Login Rate Limiting Bypass CVE: CVE-2018-11678 Vendor Homepage: http://monstra.org/ Software Link: https://bitbucket.org/Awilum/monstra/downloads/monstra-3.0.4.zip Discovered by: Abdillah Muhamad Contact: abdilah.pb@gmail.com Website: https://abdilahrf.github.io Category: webapps Platform: PHP MonstraCMS 3.0.4 implements brute-force protection in its login form but...

Nuitduhack Quals 2018: PixEditor - 350pts

Problem Create your own pixel art with this powerful tool. Url : http://pixeditor.challs.malice.fr/ Writeup We are given a website that lets us color individual pixels and sends them to PHP as a 32*32 (4096) RGB array; when we try to remove/add pixels, then...

Nuitduhack Quals 2018: CoinGame - 200pts

Problem Description Hi guy ! Hi ! Are you still working on your famous game? Yes of course, I made some modifications to make it more fun. Can I take a look at it? No, I prefer to keep it...

Writeup Hackthebox - Sense

Machine Detail Name : Sense IP : 10.10.10.60 Author : lkys37en Hostname : sense.htb OS : FreeBSD Discovery Port Service Version 80 http Apache httpd 2.4.10 ((Debian)) 443 ssl/http Apache httpd 2.4.25 ((Ubuntu)) Exploitation Scanning with nmap gives us information...