Hacker101 CTF Solutions/Resources


#1

I’ve been scouring the internet since finding out about the Hacker101 CTFs and haven’t found any solutions to help along the way. (ctf.hacker101.com/ctf)

I feel I am really close on a few of the challenges, but being new to the scene, it would be great to have a place to refer to instead of continually banging my head against the wall. I would then be able to re-trace the steps it took to get to those solutions, or see if I was off by a simple encoded character or something.

So, my question is, has anyone here completed those CTFs? I’m particularly stuck on the Micro-CMS v2 and the Photo Gallery ones.

Sorry if this is more of a General Security Discussion topic.

Thanks!


#2

They provide video lessons about every subject in the ctf series:


#3

I appreciate the reply!

The videos are helpful and touch on the basics, but they don’t prepare you for the CTFs. I took a break from them for now and am using some other resources. I plan on going back to them in a few weeks.

I will probably do a writeup with hints and possible solutions as long as they are okay with it. The idea is awesome, could just use a little more support for the beginner side of the spectrum.


#4

@absoThe I am also working on the hacker101 ctf, and I am getting suck too. Have you started working on the hints and solution yet? If so could you post a link to them. I am getting stuck on the easy ones, and I am not sure what I am missing. What resources are you using to learn? Thanks!


#5

Hey @theNerdyFeline, I haven’t actually started writing any technical writeups. I have been keeping notes of how and what I have solved for the most part though. I have found 18 flags so far, so I’m progressing pretty well I believe.

I recommend joining the #RedSec discord channel, lots of helpful and smart people. I can get you an invite if you need one. I have been reading through Web Application Hacker’s Handbook 2, Web Hacking 101, and reading disclosures and blogs. I think the most important thing is to specify one vulnerability you want to “understand” and do it. Then when you feel good about that one, move on. I started out with breadth first, which is nice, but a lot of programs have already had the low hanging fruit picked and that is all you will probably find with breadth and little depth.

Those are my thoughts, I’m less than a month into learning, so take them with a grain of salt!


#6

@absoThe getting an invite to that channel would be great. I read through both those books, and I only found half as many flags. I tend to over complicate it, and I have been stuck on the easy levels for a while now. I tried some of the moderate levels, but have not found one there yet. I have been doing the same thing, I write down how I found them all, plus what I have tried, and any interesting finds that might lead some where. Thanks!


#7

It takes time for sure. I just sent you a message with an invite link. Feel free to PM me anytime, my name is the same as it is here.


#8

Could you get me an invite to the #RedSec discord channel? Thank you.


#9

@absoThe Hi, did you find a solution yet? did you work on some of the other challenges. I’m currently stuck at the last flag of ‘Cody’s first blog’.
I did solve the other easy and medium challenges (including the ones you mentioned in your original post) and this is the last one for me to solve (plus the two hard ones which I havent looked at yet).
Maybe you or someone else have some time to discuss the challenge, what I have tried so far and what else I could look into ?
Any further help or advice will be much appreciated.

Best
Zaphoxx


#10

Hi there, would be nice if I also could get an invite to #RedSec if you dont mind. Best