SHA2017 CTF – web400 write-up

I created several challenges for SHA2017 CTF. One of them was the web400 ‘A View of Holland‘ challenge, a web challenge featuring an image gallery with some nice images from Holland. I always try to create challenges which give a clear idea of what you should do. The challenge may be challenging, but it shouldn’t be a needle in a haystack. There were 2 solves of this challenge, so I succeeded in the challenging part and reading the write-up of ESPR I see that they followed the intended solution till the brute-forcing of the mt_rand seed.

This post will contain the write-up of the intended solution of this challenge.

(more…)