29 Replies to “Intro to Security CTFs for Beginners – Website Security Tutorial”

  1. Daniel Elmar says:

    The website wont load for me. ctf.slothparadise.com took too long to respond. ;-;

  2. Kenichi Mori says:

    Probability return buffer.

  3. H4CK3D 5KU11 says:

    Thanks for the tutorial brother. And it was very easy to understand especially for the beginners.

  4. SYNACK21 says:

    After writing the Python script and running it, it did not work. The output below is what I got after running the script. Would you be able to help me out?
    [email protected]:~$ python about.py

    Traceback (most recent call last):

    File "about.py", line 3, in <module>

    about_page = urllib2.urlopen("ctf.slothparadise.com/about").read()

    File "/usr/lib/python2.7/urllib2.py", line 154, in urlopen

    return opener.open(url, data, timeout)

    File "/usr/lib/python2.7/urllib2.py", line 421, in open

    protocol = req.get_type()

    File "/usr/lib/python2.7/urllib2.py", line 283, in get_type

    raise ValueError, "unknown url type: %s" % self.__original

    ValueError: unknown url type: ctf.slothparadise.com/about

  5. I’be made a beginner to intermediate difficulty ctf, i don’t make money off it, is it cool if i make a comment with the name of it?

  6. Key Bash says:

    How he puted the website on localhost ???????? I can't python the website with the normal url

  7. Here you go: KEY{YourSecondKey}

  8. Well I literally wrote a single word and gave me the key, was I that lucky??

    KEY{YOURFIRSTKEY}

    KEY{YourSecondKey}

    KEY{GodIHopeYouScriptedThis}

    KEY{999ProblemsButAReloadAint1}

    KEY{AllXMLIsGarbageXML}

    KEY{WowSuchShibeWow}

  9. Keys I've found:

    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{GodIHopeYouScriptedThis}
    KEY{HackThePlanet}
    KEY{WelcomeToTheMatrix}

  10. Dylan Datta says:

    These are the keys I got. The XOR encryption was pretty hard, but the "scripts" one I just brute-forced.

    Site Keys:
    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{999ProblemsButAReloadAint1}
    KEY{GodIHopeYouScriptedThis}
    KEY{HackThePlanet}
    KEY{AllXMLIsGarbageXML}

    hardstuff.zip Keys:
    KEY{WelcomeToTheMatrix}
    KEY{SecretCodesWithXorsAren'tVerySecret}
    KEY{AreYouAMathMajor?}

  11. Zombie D0G says:

    Hey guys i found 9 keys… hope others found too…..
    the encrypted thing is the hard part others are ok 😉

    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{HackThePlanet}
    KEY{AllXMLIsGarbageXML}
    KEY{999ProblemsButAReloadAint1}
    KEY{WelcomeToTheMatrix}
    KEY{GodIHopeYouScriptedThis}
    KEY{WowSuchShibeWow}
    key[sECRETcODESwITHxORSaRENTvERYsECRET]

  12. Sr Alejo says:

    Well, now I feel like a genius xD

    KEY{YOURFIRSTKEY}

    KEY{YourSecondKey}

    KEY{GodIHopeYouScriptedThis}

    KEY{999ProblemsButAReloadAint1}

    KEY{AllXMLIsGarbageXML}

    KEY{HackThePlanet}

  13. The "control Z" at 8:10 isn't working with my Ubuntu, it prints ^Z in blue instead. Any help?

  14. Like Me says:

    that what i've fount far away 😀
    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{HackThePlanet}
    KEY{WelcomeToTheMatrix}
    KEY{GodIHopeYouScriptedThis}
    KEY{AllXMLIsGarbageXML}

  15. Seems like you can get the Walled Garden key without that script,

    just had to type in "test" and submit, works every time

  16. you can try input " test " to name with Walled Garden

  17. Keys found so far:

    in order:

    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{WowSuchShibeWow}
    KEY{GodIHopeYouScriptedThis}
    KEY{AllXMLIsGarbageXML}
    KEY{HackThePlanet}
    KEY{WelcomeToTheMatrix}

  18. also for the cookie page couldnt you just go to application on dev consle then cookies then change the cookies
    there?

  19. KEY{999ProblemsButAReloadAint1} was the most annoying because of the frikin spamming

  20. sriti 226 says:

    Can u pls tell me how to find keys in png or jpg image plssss

  21. Zed Xin says:

    Is it possible that they could hide flags/keys in css files?

  22. Here are the keys that I've found.

    KEY{YOURFIRSTKEY}
    KEY{YourSecondKey}
    KEY{GodIHopeYouScriptedThis}

  23. these me keys:

    KEY{GodIHopeYouScriptedThis}

  24. Sahil Sharma says:

    I was only able to find 4 out of the 6 keys before i watched the solution!

    these are the keys:
    KEY{YourFirstKey}
    KEY{YourSecondKey}
    KEY{GodIHopeYouScriptedThis} (got this without scripting. i understand why i got this key by trying only once after the solution)
    KEY{AllXMLIsGarbageXML}

  25. Sahil Sharma says:

    Is it possible to the loop using javascript? if so how would you do it? (not asking about the syntax. how would you run js through a terminal or something else). i tried making a javascript function in the console to refresh the page but it stops running the script after the first reload. which makes sense. i created a js script but not sure how to run it. sorry for the noob question, im new to web development and security

Leave a Comment

Your email address will not be published. Required fields are marked *