29 Replies to “Intro to Security CTFs for Beginners – Website Security Tutorial”

  1. Daniel Elmar says:

    The website wont load for me. ctf.slothparadise.com took too long to respond. ;-;

  2. VONcheshire says:

    sites down?

  3. Kenichi Mori says:

    Probability return buffer.

  4. H4CK3D 5KU11 says:

    Thanks for the tutorial brother. And it was very easy to understand especially for the beginners.

  5. Kenichi Mori says:

    思いますね。

  6. Mara Jonna Montesa says:

    I cannot access the slothparadise.com

  7. SYNACK21 says:

    After writing the Python script and running it, it did not work. The output below is what I got after running the script. Would you be able to help me out?
    [email protected]:~$ python about.py

    Traceback (most recent call last):

    File "about.py", line 3, in <module>

    about_page = urllib2.urlopen("ctf.slothparadise.com/about").read()

    File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen

    return opener.open(url, data, timeout)

    File "/usr/lib/python2.7/urllib2.py", line 421, in open

    protocol = req.get_type()

    File "/usr/lib/python2.7/urllib2.py", line 283, in get_type

    raise ValueError, "unknown url type: %s" % self.__original

    ValueError: unknown url type: ctf.slothparadise.com/about

  8. Arjun Bemarkar says:

    I’be made a beginner to intermediate difficulty ctf, i don’t make money off it, is it cool if i make a comment with the name of it?

  9. Key Bash says:

    How he puted the website on localhost ???????? I can't python the website with the normal url

  10. Tran Quoc Anh says:

    Here you go: KEY{YourSecondKey}

  11. Milcho Kyosev says:

    Well I literally wrote a single word and gave me the key, was I that lucky??

    KEY{YOURFIRSTKEY}

    KEY{YourSecondKey}

    KEY{GodIHopeYouScriptedThis}

    KEY{999ProblemsButAReloadAint1}

    KEY{AllXMLIsGarbageXML}

    KEY{WowSuchShibeWow}

  12. JustAPotota 54 says:

    Keys I've found:

    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{GodIHopeYouScriptedThis}
    KEY{HackThePlanet}
    KEY{WelcomeToTheMatrix}

  13. Dylan Datta says:

    These are the keys I got. The XOR encryption was pretty hard, but the "scripts" one I just brute-forced.

    Site Keys:
    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{999ProblemsButAReloadAint1}
    KEY{GodIHopeYouScriptedThis}
    KEY{HackThePlanet}
    KEY{AllXMLIsGarbageXML}

    hardstuff.zip Keys:
    KEY{WelcomeToTheMatrix}
    KEY{SecretCodesWithXorsAren'tVerySecret}
    KEY{AreYouAMathMajor?}

  14. Zombie D0G says:

    Hey guys i found 9 keys… hope others found too…..
    the encrypted thing is the hard part others are ok 😉

    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{HackThePlanet}
    KEY{AllXMLIsGarbageXML}
    KEY{999ProblemsButAReloadAint1}
    KEY{WelcomeToTheMatrix}
    KEY{GodIHopeYouScriptedThis}
    KEY{WowSuchShibeWow}
    key[sECRETcODESwITHxORSaRENTvERYsECRET]

  15. Sr Alejo says:

    Well, now I feel like a genius xD

    KEY{YOURFIRSTKEY}

    KEY{YourSecondKey}

    KEY{GodIHopeYouScriptedThis}

    KEY{999ProblemsButAReloadAint1}

    KEY{AllXMLIsGarbageXML}

    KEY{HackThePlanet}

  16. The Giant Hog says:

    The "control Z" at 8:10 isn't working with my Ubuntu, it prints ^Z in blue instead. Any help?

  17. Like Me says:

    that what i've fount far away 😀
    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{HackThePlanet}
    KEY{WelcomeToTheMatrix}
    KEY{GodIHopeYouScriptedThis}
    KEY{AllXMLIsGarbageXML}

  18. GladGulGubbe94 says:

    Seems like you can get the Walled Garden key without that script,

    just had to type in "test" and submit, works every time

  19. តន្រ្តី - Dontrey says:

    you can try input " test " to name with Walled Garden

  20. Furiously Eclectic Video says:

    Keys found so far:

    in order:

    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{WowSuchShibeWow}
    KEY{GodIHopeYouScriptedThis}
    KEY{AllXMLIsGarbageXML}
    KEY{HackThePlanet}
    KEY{WelcomeToTheMatrix}

  21. Rubiksmaster02 says:

    also for the cookie page couldnt you just go to application on dev consle then cookies then change the cookies
    there?

  22. Rubiksmaster02 says:

    KEY{999ProblemsButAReloadAint1} was the most annoying because of the frikin spamming

  23. sriti 226 says:

    Can u pls tell me how to find keys in png or jpg image plssss

  24. Zed Xin says:

    Is it possible that they could hide flags/keys in css files?

  25. Jared Texas Ranger says:

    Here are the keys that I've found.

    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{GodIHopeYouScriptedThis}

  26. Aiah AbuDouleh says:

    You made my day 😀

  27. Anas Boulbali says:

    these me keys:

    KEY{GodIHopeYouScriptedThis}

  28. Sahil Sharma says:

    I was only able to find 4 out of the 6 keys before i watched the solution!

    these are the keys:
    KEY{YourFirstKey}
    KEY{YourSecondKey}
    KEY{GodIHopeYouScriptedThis} (got this without scripting. i understand why i got this key by trying only once after the solution)
    KEY{AllXMLIsGarbageXML}

  29. Sahil Sharma says:

    Is it possible to the loop using javascript? if so how would you do it? (not asking about the syntax. how would you run js through a terminal or something else). i tried making a javascript function in the console to refresh the page but it stops running the script after the first reload. which makes sense. i created a js script but not sure how to run it. sorry for the noob question, im new to web development and security

Leave a Comment

Your email address will not be published. Required fields are marked *