1

Hack.LU 2013 CTF Wannabe Writeup Part One: Web Exploitation

Introduction

I attended the Hack.LU conference which took place during 22-24th of October 2013. This conference is well-known for its excellent capture the flag contest created by fluxfingers, which was no different this year.  By the end of the conference, there were 21 published challenges within the fields of crypto, web, reverse engineering, exploiting, internals, and miscellaneous. After completing the fairly easy ‘Pay TV’ and ‘RoboAuth’ challenges during my limited free time on the first and second day (I was attending courses rather than dedicating time to the CTF), I started focusing on a harder challenge in the evening, according to its 400 points reward: ‘Wannabe’. It was categorized as ‘exploiting’ and came with the following description: Continue Reading