Stripe CTF 2.0 web edition challenge has recently ended. It was lots of fun to participate in.
About 7 thousand people have completed the first level and 978 people have completed the whole 9 challenge CTF competition. Leaderboard.
Now that the challenge has ended, people have posted their impressions and solutions to challenges. Stripe CTF 2.0 Write-Up is a great write-up by droogie from IOActive Labs Research. He posted solutions to all 9 problems with brief explanations for those solutions.
List of attacks:
- Level 0 - SQL Injection
- Level 1 - Misuse of PHP Function on Untrusted Data
- Level 2 - File Upload Vulnerability
- Level 3 - SQL Injection
- Level 4 - XSS/XSRF
- Level 5 - Insecure Communication
- Level 6 - XSS/XSRF
- Level 7 - SHA1 Length-Extension Vulnerability
- Level 8 - Side Channel Attack
Subscribe via RSS