websec.fr level25

tl;dr parse_url breaks in PHP5 on malformed input and returns false.

Screen-Shot-2018-05-09-at-3.33.04-pm

Referring to https://stackoverflow.com/questions/47807529 we can see that passing a malformed get parameter to parse_url gets it to return false, which then completely bypasses the flag keyword check.

http://websec.fr/level25/index.php?page=flag&send=Submit&a=12&b=12.3.3.4:1233
Show Comments

Get the latest posts delivered right to your inbox.