Rip 'em Out!

This is an re-post from an old archive ... From MySQL documentation : "The SELECT ... INTO OUTFILE 'file_name' form of SELECT writes the selected rows to a file. The file is created on the server host, so you must have the FILE privilege to use this syntax. file_name cannot be an existing file, which among other things prevents files such as /etc/passwd and database tables from being destroyed. As of MySQL 5.0.19, the character_set_filesystem system variable controls the interpretation of the filename." The INTO OUTFILE operator can be used during sql injection exploiting to write php shell on remote host. Unfortunately (fortunately?) this is only possible in some (very) race conditions : mysql user must have the FILE privilege; the operator requires a "quoted" file pathname, so the web application should not escape/filter them; httpd and mysql should be installed on the same machine, or (if you can) the file will be written on the dbms machi

Some writeups for CTF Politeknik Mersing 2017. Honestly, I'm not really expert and experience guy in crafting and create a CTF question challenges. But for this competition,  my intention is only meant for begineers folks. And susprisingly some of them are able to answers it and not. By putting some basic cryptography elements + basic exploitation which is based on Metasploitable2 vulnerable Images.  Ok, here are the list of questions and challenges for the event: Information Gathering 1. Mesej Tersembunyi (Flag 1) 2. Mesej Tersembunyi lagi (Flag 2) Exploitation 1. Mencari Kucing sesat (Flag 3) 2. Tidak Benar Belaka (Flag 4) 3. Tiga Abdul - Abdul Wahab, Abdul Wahib & Abdul Wahub (Flag 5) Forensic Challenge 1. Image Forensic - Steganography  With total of 6 challenges! All you have to do is own this box in order to get all the flags except for Steganography. Flag 1: Mesej Tersembunyi Viewing the source from browser we found this. &