Description

Regular expressions are pretty useful. Especially when you need to search and replace complex terms.

Solution

The site appeared to be a form to perform regular expression replacement

Screenshot 001

A simple test verified my initial thoughts

Screenshot 002

From the placeholder in the pattern field, it also indicated that it’s possible to use arbitrary modifiers as well. Having that in mind, it appears this application might be vulnerable to exploiting the applipcation through the /e modifier which works as eval().

This modifier is deprecated since PHP 5.5.0 - preg_replace()

Screenshot 003

This proved my theory, and it was trivial to extract the flag.

Screenshot 004

<?php $FLAG = "IW{R3Pl4c3_N0t_S4F3}"; ?> ar

Flag: IW{R3Pl4c3_N0t_S4F3}

Rekt Sec
Read More

InternetWatche 2016 CTF - The Secret Store (Web 70)

InternetWatche 2016 CTF - The Secret Store (Web 70) Continue reading

InternetWatche 2016 CTF - The hidden message (Misc 50)

Published on February 22, 2016

InternetWatche 2016 CTF - Ruby's Count (Exp 50)

Published on February 22, 2016