Google CTF 2018

Admin UI

The command you just found removed the Foobanizer 9000 from the DMZ. While scanning the network, you find a weird device called Tempo-a-matic. According to a Google search it’s a smart home temperature control experience. The management interface looks like a nest of bugs. You also stumble over some gossip on the dark net about bug hunters finding some vulnerabilities and because the vendor didn’t have a bug bounty program, they were sold for US$3.49 a piece. Do some black box testing here, it’ll go well with your hat.

nc mngmnt-iface.ctfcompetition.com 1337

You can find my all CTF solution in here

First review

İmportant Release notes: -Fixed path traversal bug and Rollback of version 0.2

I think this program have path traversal bugs.

I tried some of paths but I think I counldn’t true path

This program is open given path If I can re-write this code in c. Actually codes use fopen(“Version0.2″,”r”);

In the ubuntu I you open /proc/self/cmdline directory with any editor or program this return program name

also /proc/self/maps shows full directories in memories.

After that I push the hex file into to hex. When I dive into in hex file with hexeditor I found some flag ctf and password words. But /.flags shows like directories

When I try to run ./flag in smae directory I found the flag 🙂

CTF{I_luv_buggy_sOFtware}