A year of backdoors, exploits and pwning

I was very eager to join VIS’s hacking group flagbot (the CTF Committee). I had no inital experience with CTF and could barely read assembly code. After a few tutorial challenges, I was thrown into cold water as we participated in various online hacking competitions, including DEF CON qualifiers and an attack and defense CTF. What follows, are highlights of the past year from flagbot. Baby Steps It all started with my first CTF meeting: I was eagerly wanting to learn “hacking stuff” and become the very best, when I was given my first CTF task: Baby ROP.

[Insomni’Hack 2019] Phuck3 (500, php) / Bypassing open_basedir with two simple lines of php.

(Note: I wasn’t able to solve this challenge during the CTF, but I solved it afterwards) The challenge description gives us a webserver address and a text, that we should use only the php inbuilt functions to get the /flag and show the webmaster that the php builtin functions are insecure as well. Upon loading the website address, we are immediately greeted with an image as well as - presumably - the code for the index.