Planet DesKel

DesKel's official page for CTF write-up, Electronic tutorial, review and etc.

5 September 2020 write-up: old-25

1 minutes to read
Link point tag
old-25 150 LFI, PHP

Hello there, welcome back to another web-based CTF. Today’s challenge is about Local File Inclusion (LFI) and PHP wrapper.


There are 3 files in the local directory. As you can see, the page load hello.php as default. You will get nothing if you visit the index.php. My primary guess some of the code in the index.php is somehow unable to load.


As for flag.php, there are something hidden inside it. Perhaps a PHP code.


In my first attempt, I tried the Null-byte LFI attack by putting the following URL but didn’t yield any good results.

After I stumbled across an interesting article, it seems that I could use a Base64 PHP wrapper for my LFI attack



The reason that I can’t work with the null-byte is that the PHP version of the server is higher than 5.3.4. Submit the answer to Auth to complete the challenge.

tags: - lfi - php

Thanks for reading. Follow my twitter for latest update

If you like this post, consider a small donation. Much appreciated. :)


© 2020 DesKel