Feb. 2, 2024, 4:18 a.m. | Hanzala Ghayas Abbasi

InfoSec Write-ups - Medium infosecwriteups.com

Blitztorm

Challenge Name : Tindog.

Description : The developer knows how to code, but he doesn’t know about security.

Author : Hanzala.

Points: 100.

When we start our instance, we can see a static page about dogs.

Tindog_Page

Inspecting the page reveals a comment.

Code

We can see some research about dogs from the research.html file.

research.html

Using Wappalyzer, we can identify that the technology being used is PHP.

Wappalyzer

Applying a PHP filter will provide us with base64-encoded PHP …

author can code ctf developer dogs file hacking html identify instance name official page points research security start web write-up writeup

Deputy Chief Information Security Officer

@ United States Holocaust Memorial Museum | Washington, DC

Humbly Confident Security Lead

@ YNAB | Remote

Information Technology Specialist II: Information Security Engineer

@ WBCP, Inc. | Pasadena, CA.

Senior Cloud Security Engineer

@ Cofense | Remote, United States

Cyber Hygiene GCP Cloud Junior Engineer

@ Deutsche Bank | Bucharest

Engineer - Software - Cyber

@ Valeo | BANGALORE - BAN1