CSAW CTF 2013 write-ups

https://web.archive.org/web/20140208040711/http://blog.y-shahinzadeh.ir/
This site was taken down this year – previously very active for 2 years in CTF activities for Iran
Comments on http://blog.y-shahinzadeh.ir/2013/04/aeoi-ctf-write-ups/ (feed last updated Tue, 18 Feb 2014 06:53:49 +0000)

Sat, 31 Aug 2013 18:44:12 +0000: [...] at least). We (Me and Morteza)
participated and our team ranked 33. We proudly ranked first in qualification round, though. It was due
to lack of free time and weekend, previous CTF was held in the middle of the [...]

Thu, 16 May 2013 16:13:16 +0000: It wasn’t absolutely an event officially termed CTF.

Thu, 16 May 2013 10:47:06 +0000: The first CTF competition held by
Isfahan university in 6th ISC conference in 2004
see sbisc.ir

Wed, 15 May 2013 14:56:51 +0000: I think Sharif was the first

Wed, 15 May 2013 11:32:39 +0000: FYI, that was the first organized CTF sponsored by AEOI

Wed, 01 May 2013 18:17:50 +0000: Thank you, saying hi from Iran

Wed, 01 May 2013 06:29:20 +0000: Great Blog, saying hi from the United States

Tue, 30 Apr 2013 06:36:49 +0000: Hi,
scoreboard changed finally.
we got 4th place & scoreboard will be changed in these days.
our Blog
Best regards,

Mon, 29 Apr 2013 11:30:27 +0000: Hi, good job bro
adding host header in Burp is not needed for crawling
just add webhack-02.ctf and challenge IP to hosts file

Yashar Shahinzadeh AKA Sc0rpion: Security consultant, Web security enthusiast,
expert in PHP exploitation and development. Experienced in working with some
companies as security manager and auditor.
Morteza Khazamipour AKA Mormoroth: IT Expert. CEO @ ISCN Hacking team Pen-test
and security research. Proficient in penetrating web applications in black-box mode.
Yashar Shahinzadeh official blog
Life doesn't change, But people do!
Remote backups, WordPress plugins
Third parties have always been a danger for content management
systems which are relatively secure (as a tangible example, Joomla or
WordPress). I’ve recently been working on some WordPress plugins
thanks to a penetration test project. Today I’m updating here to cover
the analysis of two plugins; another update will be allocated to some
other plugins. Better WP Security and WP Security Scan are two plugins
concerned with WordPress security. However, I feel insecure with them.
Some days ago, I reported scandalous security issues in the mentioned
plugins. In the rest of the post, I’m trying to expand on them with
extra details. …continue reading
Logical vulnerabilities, inspiration
: All, News, web application: Written by Yashar Shahinzadeh : 01-02-2014
Logical vulnerabilities are much more dangerous, and they are often
somewhat harder to find compared with technical holes, and nobody can
deny it. These days, everyone boasts about his penetration testing
skills, and having security projects has become commonplace.
Furthermore, scanning a web application with a vulnerability scanner
such as Acunetix is widespread. If we pay more attention and are more
realistic, we conclude that a professional penetration test doesn’t
only comprise automatic scanning. However, a scanner would be a big
help in crawling and even digging the application for technical
vulnerabilities in back-end components, notably in black-box tests of
giant applications. …continue reading
About 4th Sharif university’s CTF
: All, CTF, Sharif CTF: Written by Yashar Shahinzadeh : 12-01-2013
The fourth Sharif university CTF was successfully held on the 20th of
November, 2013 in the department of computer engineering. I took part
in the contest under the Respina team name, and we proudly ranked first!
Further information can be found here. The rivalry was very intense,
and many Iranian hacking teams appeared in the local area. The
score-board had a dozen fluctuations, which made the ranking of teams
unpredictable, notably in the last hour of the contest when the
score-board was frozen, whereas we were staying in first place most of
the time (except for a short duration).
Limonade directory traversal filter bypass
: All, Bypassing, Local file disclosure, PHP: Written by Yashar Shahinzadeh : 11-18-2013
I’ve recently been occupied with security research on the detection and
exploitation of well-known vulnerabilities. Consequently, I’ve had to
develop some deliberately vulnerable applications, some parts of which
I’ve built with the Limonade framework. While I was coding a page, I
suddenly found a suspicious directory traversal filter that seemed, at
a glance, easy to bypass. I spent some time on it, followed by setting
up a page that receives a file’s name as input, opens it, and shows the
corresponding contents as the response.
About Nsec CTF + challenging question
: All, Bypassing, CTF, Linux, PHP, Server hacking: Written by Yashar Shahinzadeh : 10-16-2013
A few days ago, Nsec CTF, organised by UITcert, was successfully held
locally in Isfahan. To be more exact, it began on the 9th of October
(2013) and ran for two consecutive days covering Jeopardy and
Attack-Defense formats respectively. I participated in the CTF with the
Respina team; we were three people. However, we were allowed to be 4,
as other teams mostly were. Two teams had to be eliminated on the first
day, obviously the last two on the score-board. We proudly accomplished
scoring first on both days. There were many changes in the score-board
throughout the period of the contests (The …continue reading
CSAW CTF 2013 write-ups
: All, CTF: Written by Yashar Shahinzadeh : 09-22-2013
Well, the CSAW CTF finished just a few minutes ago; it was very
fascinating and challenging. We ranked 68 among ? participants and
1386 teams who accomplished solving a challenge at least! Some tasks
required good programming skill, some needed intelligence within
knowledge. From where I stand, the Recon tasks were amazing, the
webs were hard, and as my favorite category I indicate
Miscellaneous! Despite our usual practice of putting up every challenge
we solve, this time we decided to publish the interesting ones and hold
the others. We will update this post and ha.cker.ir if we receive any
request …continue reading
Brute force challenge?
: All, brute-force, Linux: Written by Yashar Shahinzadeh : 09-19-2013
Although brute-force attacks are useless these days, there are still some
cases in which conducting a brute-force attack might bring outstanding
results. When we talk about brute-force, THC-Hydra is probably the
first choice that comes to mind; after that there would be some
alternatives. The story began roughly 10 days ago when I heard
about http://www.pentesteracademy.com and its challenges on Twitter.
Some time after, I saw people solving the challenges mostly by coding in
Python. Consequently, I decided to spend a few hours solving the
challenges, albeit in different ways. In the following, I start putting
the walk-through of four challenges …continue reading
Third Sharif CTF online writeup (Final round)
: All, CTF, PHP: Written by Yashar Shahinzadeh : 09-12-2013
Last night I was searching for a file I’d lost when I suddenly found an
interesting folder named ANS. It held the final Sharif CTF write-ups,
which have never been published on their official site(?). The final
round was held on February the 12th, 2013 locally in the department of
computer engineering for the third time. The web section challenges were
categorized by Windows and Linux separately. Consequently, there are
two write-ups in PDF format. I’ve written them in Persian, and
there is no alternative for dear readers who know English. Sharif CTF
final round’s write-ups (Linux) Sharif CTF final round’s write-ups
(Windows) …continue reading
ASIS CTF write-ups
: All, CTF, PHP: Written by Yashar Shahinzadeh : 08-31-2013
In general, I never take part in CTFs except some. Today, ASIS CTF was
held with more than 150 teams (128 teams accomplished solving a
challenge at least). We (Me and Morteza) participated and our team
ranked 33. We proudly ranked first in the qualification round, though.
It was due to a lack of free time and the weekend; the previous CTF was
held in the middle of the week and we were at our workplace; truly we
were a team, not two people only. However, it’s finished and this post
is completely allocated to its write-ups. I personally put the Web
section write-ups. …continue reading
Exploiting FCK editor
: All, Hacking, Hacking tool, PHP: Written by Yashar Shahinzadeh : 08-02-2013
In this update, I’m going through the exploitation of an unprotected
FCKEditor located on a server. It must be noted that this post isn’t a
new bypass or method; it’s a simple exploit I’ve been using in my
penetration tests. I’ve seen many administrators who, having heard about
the file upload vulnerability, remove the HTML interface and regard this
procedure as a preventive measure. However, it definitely isn’t; the
lack of an HTML interface doesn’t mean that an attacker cannot exploit
the uploader. An efficient way would be restricting access or even
updating FCKEditor (I currently don’t know whether it’s patched against
old arbitrary …continue reading
© 2014 - Yashar shahinzadeh official blog