Hello, this is a write-up for the PHP Jail 1 challenge from ringzer0ctf.
Before we begin with the challenge i want to share my discord server, i run a discord-based CTF platform. There you can find CTF challenges, resources, tools, write-ups from other online CTFs and much more.
Join NemesisCTF : https://discord.gg/fCtkmRX
First job we have to do is to connect to the challenge.
Now we have to analyze the source code.
We have to focus to function filter :
Function filter blocks other functions like open/exec/pass/system .. so we simply have to google. A simple google-fu like “php read file” give us this :
Let’s use this to grab the flag!
Bye.