DomeCTF XII Writeup : The Matrix

Parinay Bansal
Sep 29 · 4 min read

TEAM ARDUS

It Begins…

DOMECTF COCON XII

When participating in DomeCTF I started off with Congo. The title said “The Matrix”; as a kid I enjoyed the movie, and now I got a chance to enjoy the challenge. Purely going by its name, it became my first choice.

The problem statement

The link pointed to https://matrix.domectf.in

The login page

Seeing a website, I started off with a two-pronged approach: recon the website and recon the server.


Recon

- Pinging the website: the IP belongs to Cloudflare, so the origin is hidden behind it. Nothing in there either.
- dirb finds the backup directory.
- As expected, /backup has directory listing enabled.
- Registration page: the registration page shows my username and password. Could there be some XSS?

The Backup Zip

It looks like we found the source code.

Source code in the zip:

- index.php
- register.php
- functions.php
- users.dat (this is how our pws.dat would look on the server)

PHP Type Juggling

The trick in play here is PHP's loose comparison. When both operands of `==` are numeric strings, PHP compares them as numbers, and an MD5 hex digest of the form `0e` followed only by decimal digits is read as 0 × 10^N = 0. Every such "magic" hash therefore compares equal to every other one. If the login code does `md5($password) == $stored_hash` and a stored hash has that shape, any password whose MD5 also starts with `0e` and all digits will log in as that user.

- OWASP Day presentation on PHP magic tricks
- convert.py
- converted users.dat
- generate.py
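The following is an added example, not the author's convert.py or generate.py and not code from the challenge. It emulates PHP's `==` on two strings, scans a users.dat-style file for accounts whose stored MD5 is a magic hash, and shows the vulnerable login check beside the fixed one. The users.dat format (`username:md5hex`, one per line) and the sample entries are assumptions constructed for the example; the real file from the challenge is not reproduced.

```python
"""Magic-hash (PHP type juggling) checker. Added example; assumed file format."""
import hashlib
import hmac
import itertools
import re
import string
from typing import Dict, Iterable, List, Optional

# A hex digest PHP's '==' reads as a number in scientific notation:
# "0e" followed only by decimal digits evaluates to 0 * 10^N == 0.
MAGIC_RE = re.compile(r"^0e[0-9]+$")

# PHP's notion of a numeric string (leading whitespace allowed, as in PHP 7).
NUMERIC_RE = re.compile(r"^\s*[+-]?(?:\d+(?:\.\d*)?|\.\d+)(?:[eE][+-]?\d+)?$")


def is_magic_hash(digest: str) -> bool:
    """True if the digest compares equal to 0 (and to every other magic hash) under PHP '=='."""
    return MAGIC_RE.match(digest) is not None


def php_loose_equal(a: str, b: str) -> bool:
    """Emulate PHP's '==' between two strings: if both are numeric strings
    they are compared as floats, otherwise byte-for-byte."""
    if NUMERIC_RE.match(a) and NUMERIC_RE.match(b):
        return float(a) == float(b)
    return a == b


def find_magic_preimage(candidates: Iterable[str], hash_fn=hashlib.md5) -> Optional[str]:
    """Return the first candidate whose digest is a magic hash, or None."""
    for cand in candidates:
        if is_magic_hash(hash_fn(cand.encode()).hexdigest()):
            return cand
    return None


def brute_force_candidates(alphabet: str = string.ascii_letters + string.digits,
                           max_len: int = 8) -> Iterable[str]:
    """Lazily yield every string over `alphabet` up to max_len, shortest first.
    Only about one MD5 in 3e8 is magic, so a real search needs hundreds of
    millions of hashes; feed this into find_magic_preimage()."""
    for length in range(1, max_len + 1):
        for tup in itertools.product(alphabet, repeat=length):
            yield "".join(tup)


# Constructed sample (assumption): username:md5(password), one per line.
# alice = md5("password"), carol = md5("test"), bob's hash is a magic digest.
SAMPLE_USERS_DAT = """\
alice:5f4dcc3b5aa765d61d8327deb882cf99
bob:0e462097431906509019562988736854
carol:098f6bcd4621d373cade4e832627b4f6
"""


def parse_users_dat(data: str) -> Dict[str, str]:
    """Parse the assumed users.dat format into {username: hexdigest}."""
    users = {}
    for line in data.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        name, _, digest = line.partition(":")
        users[name] = digest.strip().lower()
    return users


def find_magic_users(data: str) -> List[str]:
    """Accounts whose stored hash is magic: any magic-hash password logs in as them under '=='."""
    return [u for u, h in parse_users_dat(data).items() if is_magic_hash(h)]


def login_loose(stored_digest: str, password: str) -> bool:
    """The vulnerable pattern: if (md5($password) == $stored)."""
    return php_loose_equal(hashlib.md5(password.encode()).hexdigest(), stored_digest)


def login_strict(stored_digest: str, password: str) -> bool:
    """The fix: compare as strings (=== in PHP, or hash_equals()), in constant time."""
    return hmac.compare_digest(hashlib.md5(password.encode()).hexdigest(), stored_digest)


if __name__ == "__main__":
    users = parse_users_dat(SAMPLE_USERS_DAT)
    print("magic accounts:", find_magic_users(SAMPLE_USERS_DAT))
    # QNKCDZO is a well-known MD5 magic preimage (md5 = 0e8304...); it is not bob's password.
    print("loose login as bob with QNKCDZO:", login_loose(users["bob"], "QNKCDZO"))
    print("strict login as bob with QNKCDZO:", login_strict(users["bob"], "QNKCDZO"))
```

Note that the numeric-string comparison still applies on PHP 8: the PHP 8 change only affects comparing a number with a non-numeric string, so `"0e1" == "0e2"` remains true. Use `===`, `hash_equals()` or, better, `password_verify()` for password checks.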

Flag Time

We have a password for user byGcY.

Let's test if we were correct.

Flag Found

Happy Hacking Guys………………


InfoSec Write-ups

A collection of write-ups from the best hackers in the world on topics ranging from bug bounties and CTFs to vulnhub machines, hardware challenges and real life encounters. In a nutshell, we are the largest InfoSec publication on Medium. Maintained by Hackrew

Written by Parinay Bansal: Entrepreneur, father of a daughter and a dog. Security analyst, Red Teamer.
