2019-04-28 | by munsiwoo

Awesome PHP open_basedir bypass

Here is an awesome PHP open_basedir bypass by @Blaklis_ You are open_basedir’ed to […]

2019-04-28 | by munsiwoo

[ASIS CTF] Elasticsearch NoSQL Injection

import requests # Elasticsearch NoSQL Injection – ASIS 2019 # made by munsiwoo […]

2019-02-28 | by munsiwoo

교내 해킹방어대회 고등해커 – count (web)

Summary 고등해커라는 교내 대회에 문제를 출제할 기회가 생겨 예전에 발견하고 묵혀뒀던걸 문제로 만들어봤다. […]

2018-12-24 | by munsiwoo

2018 ROOT CTF Write up

munswings (전체 5등, 학생부 4등) ROOT CTF : 2018.12.22 09:00 ~ 2018.12.23 21:00 […]

2018-11-26 | by munsiwoo

3rd TenDollar CTF Write up

Summary Tendollor CTF는 24 Nov, 09:00 ~ 25 Nov, 15:00 KST 동안 진행했던 […]

2018-11-04 | by munsiwoo

교내대회 Old school whitebox

<?php error_reporting(0); require_once ‘config.php’; if(isset($_GET[‘username’], $_GET[‘password’])) { $username = addslashes($_GET[‘username’]); $password = password($_GET[‘password’]); […]

2018-10-18 | by munsiwoo

Hack.lu CTF 2018 – Baby PHP

<?php require_once(‘flag.php’); error_reporting(0); if(!isset($_GET[‘msg’])){ highlight_file(__FILE__); die(); } @$msg = $_GET[‘msg’]; if(@file_get_contents($msg)!==”Hello Challenge!”){ die(‘Wow […]

2018-10-01 | by munsiwoo

2018 CCE Qual – #9 Write-up (Web)

Written by Siwoo Mun (Team 야몽클리닉) First blood! 😀 Step1. SQL Injection 문제 […]