Contact CTF writeups Notes

[PicoCTF 2018] - web - Buttons

This is one of my writeups for PicoCTF 2018

Problem

There is a website running at http://2018shell3.picoctf.com:44730 . Try to see if you can push their buttons.

Hints :

  1. What's different about the two buttons?

Solution

If we browse to a website, we are presented with the following form :

<form action="button1.php" method="POST">
    <input type="submit" value="PUSH ME! I am your only hope!"/>
</form>

Clicking the button takes us to a second page than has another button - this time a link :

<a href="button2.php">Button2</a>

If we click the second button, we are shown an error :

<form action="button2.php" method="POST">
    FORM DISABLED. THIS INCIDENT HAS BEEN LOGGED AND REPORTED TO /dev/null                  
</form>

Now the hint was to look at the difference between the two buttons.

  1. The first button was form pointing to button1.php with a POST method
  2. The second button was a link, meaning clicking it send a GET request
  3. In the error page there is a form that points to button2.php with a POST method

This seems to indicate that we should try sending a POST requests to button2.php (I used Burp Suite's proxy and repeater for tha). And indeed when we do, we are given the flag : picoCTF{button_button_whose_got_the_button_dfe8b73c}.