Bucket CTF 2023-wp
Web
sqli1
Solution approach
sqli2
Solution approach
sqli3
Challenge description
Finally! I moved the secret into a COMPLETELY different table. There is NO way you can find it now.
Solution approach
sqlmap:
Ping check
Challenge description
WEB
EASY
Did you know that this CTF is run on custom built open source software? Note: The flag is not in the usual bucket{} format.
Do not overthink.
You don’t need to go to any other page.
Solution approach
The challenge description includes the site's source code: https://github.com/EmergencyBucket/pail
Gif
Challenge description
I made a secure php web app where I can upload all my gifs. Some people on the internet told me to run it in a docker container just to protect it from my personal files, but who cares.
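Solution approach
Looking at the form submission, it accepts two parameters: the file name and the file.
A GIF magic header needs to be added: https://en.wikipedia.org/wiki/List_of_file_signatures
eval does not seem to work, but executing commands directly with system does.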
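The notes above imply an upload check that a GIF magic header alone satisfies while the client chooses the stored file name. As an added example (not the challenge's code, which this page does not show), the PHP below puts an assumed magic-bytes-only check beside a hardened one; `weak_accept`, `is_wellformed_gif` and `hardened_accept` are hypothetical names, and both inputs are constructed.

```php
<?php
// Added example: hypothetical names; weak_accept is an assumed reconstruction.
// Weak: keeps the client-supplied name and only compares the 6 magic bytes.
function weak_accept(string $clientName, string $bytes): ?string {
    return preg_match('/^GIF8[79]a/', $bytes) ? $clientName : null;
}

// Walk the GIF block structure: header, screen descriptor, blocks, trailer.
function is_wellformed_gif(string $b): bool {
    $n = strlen($b);
    if ($n < 14 || !preg_match('/^GIF8[79]a/', $b)) return false;
    $flags = ord($b[10]);               // global colour table flag and size
    $p = 13 + (($flags & 0x80) ? 3 * (1 << (($flags & 7) + 1)) : 0);
    while ($p < $n) {
        $type = ord($b[$p++]);
        if ($type === 0x3B) {
            return $p === $n;           // trailer must be the final byte
        } elseif ($type === 0x21) {
            $p += 1;                    // extension: skip the label byte
        } elseif ($type === 0x2C) {     // image descriptor
            if ($p + 9 > $n) return false;
            $lf = ord($b[$p + 8]);      // local colour table flag and size
            $p += 10 + (($lf & 0x80) ? 3 * (1 << (($lf & 7) + 1)) : 0); // 9 + LZW byte
        } else {
            return false;               // not a GIF block introducer
        }
        do {                            // skip length-prefixed sub-blocks
            if ($p >= $n) return false;
            $len = ord($b[$p++]);
            $p += $len;
        } while ($len !== 0);
    }
    return false;
}

// Hardened: the client name is ignored and the stored name is server-generated with a
// fixed extension. A well-formed GIF can still carry arbitrary bytes in comment blocks.
function hardened_accept(string $clientName, string $bytes): ?string {
    return is_wellformed_gif($bytes) ? bin2hex(random_bytes(16)) . '.gif' : null;
}

// Constructed inputs: a 35-byte 1x1 GIF, and GIF magic followed by PHP text.
$gif  = hex2bin('47494638396101000100800000ffffff0000002c00000000010001000002024401003b');
$poly = 'GIF89a' . "<?php echo 1; ?>";
foreach (['real.gif' => $gif, 'upload.php' => $poly] as $name => $bytes) {
    printf("%-10s weak=%s hardened=%s\n", $name,
        json_encode(weak_accept($name, $bytes)), json_encode(hardened_accept($name, $bytes)));
}
```

The weak check keeps `upload.php` as the stored name, while the hardened one rejects that input and stores the real GIF under a random `.gif` name. Serving the upload directory with PHP execution disabled is the other half of the fix.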
sqli4
Seems to be the same as 3.
Reverse
Apps
Solution approach
Misc
minecraft
Solution approach
Discord
Solution approach:
Transmission
Solution approach
P clocks
Solution approach