Writeup - PHPFudge (UIUCTF 2021)
UIUCTF 2021 - PHPFudge (Beginner) Writeup
- Type - Jail
- Name - PHPFudge
- Points - 50
Description
1 | i hate php |
Writeup
This was a fairly simple challenge to complete. When you navigate to the URL in the description, the page you’ll see has this text followed by the output of phpinfo():
1 | <?php |
So, I followed the advice of the comment, went to /flag.php, and when you look at the source code, you find the flag!
Flag: uiuctf{pl3as3_n0_m0rE_pHpee}
Real-World Application
There’s not a whole lot here to go off of, but always look at the source code! Before delving deep into any challenges, always do recon first! Just as in pentesting, the first step (after prep) is Information Gathering/Discovery! It’s always easier to increase your attack surface first before probing for vulnerabilities. Before getting deep into any CTF challenges, poke around first!