wargame.kr
![[Wargame.kr] SimpleBoard 풀이 (360p)](https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FbmLdRY%2FbtqF7LB8OIm%2FmjURQj3rrccDRZqOVBICHK%2Fimg.png)
[Wargame.kr] SimpleBoard 풀이 (360p)
SimpleBoard view-source code Simple Union SQL injection Challenge. (but you need script... maybe?)
![[Wargame.kr] pyc decompile 풀이 (354p)](https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FcHZZfH%2FbtqF64oCIwO%2FOeOegSobeiO8dJl9tqRyf1%2Fimg.png)
[Wargame.kr] pyc decompile 풀이 (354p)
풀이 bughela.pyc :D 파이썬~ python~ [IMPORTANT] SERVER TIME (KST) : 2020/07/29 18:42:36 pyc는 bytecode로 compile된 파이썬 파일이다. 다음 링크에서 decode 할 수 있다. https://www.toolnb.com/tools-lang-en/pyc.html PyC decompiler-love data tool www.toolnb.com import time from sys import exit from hashlib import sha512 def main(): print 'import me :D' def GIVE_ME_FLAG(flag): if flag[:43] != 'http://wargame.kr:8080/pyc_decomp..
![[Wargame.kr] web chatting 풀이 (341p)](https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FzuSBX%2FbtqF64PEach%2F7ULKYlk7Phl9jHTtPk1HP0%2Fimg.png)
[Wargame.kr] web chatting 풀이 (341p)
풀이 Simple SQLi Challenge. How can I set in order to reduce the traffic? Please try looking at a developer's perspective. 해당 코드를 봐보자. function getchatlog(type){ xmlhttp = new XMLHttpRequest(); if(type==1){xmlhttp.onreadystatechange=getni;xmlhttp.open("GET","chatlog.php?t=1"); }else if(type==2){xmlhttp.onreadystatechange=chatprint;xmlhttp.open("GET","chatview.php?t=1&ni="+ni);} xmlhttp.send(null);..
![[Wargame.kr] php? c? 풀이 (291p)](https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FdcpXVx%2FbtqF7taok0p%2FK8feXhfDgYLa5drg2LpAZ0%2Fimg.png)
[Wargame.kr] php? c? 풀이 (291p)
php? c? view-source code do you know "integer type" of 32bit application? #include #include void nono(); int main(int argc,char **argv){ int i; if(argc!=2){nono();} i=atoi(argv[1]); if(i4){nono();} if(i
![[Wargame.kr] img recovery 풀이 (288p)](https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FcyRQNR%2FbtqF7LokH5R%2FumLYVv6MVk4gAhyzK8tvy1%2Fimg.png)
[Wargame.kr] img recovery 풀이 (288p)
풀이 Recovery the PNG image file! but.. is this really "PNG" file? (NO STEGANOGRAPHY. THIS IS FORENSIC CHALLENGE) HxD로 파일을 열어보니 Japng 라는 문구가 눈에 보였다. 찾아보니 Japng Editor가 있어 다운 받았다. 다음 링크에서 다운 받을 수 있다. https://www.reto-hoehener.ch/japng/ Japng - Java (Assembler for) Animated Portable Network Graphics APNG 2008-02-24 Implemented Apng interface. It can now handle more than 1 IDAT chunk. Now also suppor..
![[Wargame.kr] md5_compare 풀이 (236p)](https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2Fbc7nyv%2FbtqF5AVijqY%2FzQ6Wl7g8A1ivN5s3ySRc7K%2Fimg.png)
[Wargame.kr] md5_compare 풀이 (236p)
md5_compare view-source code JUST COMPARE ONLY. with the other value :D v1 값은 모두 알파벳, v2 값은 모두 숫자여야 한다. 그냥 md5 magic hash를 이용한 문제 같으니 빨리 풀어주자. 암호화 했을 때 0e로 시작하는 문자열을 찾아 넣어주자. v1=QNKCDZO v2=240610708
![[Wargame.kr] DB is really GOOD 풀이 (220p)](https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FbgB4Sx%2FbtqF5dTCVi9%2FTkKsdLeba6EijI0vEwDll0%2Fimg.png)
[Wargame.kr] DB is really GOOD 풀이 (220p)
풀이 로그인 화면이 주어진다. 한 3번째 시도쯤에 SQL 에서 에러를 출력해줬다. (Burp Suite로 admin%00을 입력했다.) Fatal error: Uncaught exception 'Exception' with message 'SQLite3::open() expects parameter 1 to be a valid path, string given' in /var/www/html/db_is_really_good/sqlite3.php:7 Stack trace: #0 /var/www/html/db_is_really_good/sqlite3.php(7): SQLite3->open('./db/wkrm_admin...') #1 /var/www/html/db_is_really_good/memo.php(1..
![[Wargame.kr] md5 password 풀이 (214p)](https://img1.daumcdn.net/thumb/R750x0/?scode=mtistory2&fname=https%3A%2F%2Fblog.kakaocdn.net%2Fdn%2FOzAon%2FbtqF7LavDAM%2FeKmVulK95u2F0NdnrZRew0%2Fimg.png)
[Wargame.kr] md5 password 풀이 (214p)
md5 password view-source code md5('value', true);