Twctf
Ok the website given displayed some error that cannot include(..) *** so i figured out it was Local File Inclusion vulnerability (LFI)
i tried ../../etc/passwd but then '.' and '/' were removed and /en-us.php was added then i tried %00 null-byte injection still no luck
then my senior guided me to look for request .. in HTTP headers that was sent had "Accept-lang:en-us" so this was injection point
but still i was unable to access any of the pages then i opted for PHP wraper . i got index.php and then flag.php in base-64 encoded decode and get the flag
NOTE: to do all this CURL was the best !!!
?page=php://filter/convert.base64-encode/resource=index.php
curl -H "Accept-Language: /filter/convert.base64-encode/resource=index,en;q=0.5" -H "User-Agent: Mozilla/5.0 ...." http://globalpage.chal.ctf.westerns.tokyo/?page=php:
# TWCTF{I_found_simple_LFI} (the decoded one )
We were given a image and i tried all the tool i had except .. binwalk but the sol was to use binwalk .. running binwalk you will see nothing other than png and Zlib
compressed so we have to extract the Zlib data and run stings on it tadaa flag !!