Vishwa CTF: Web: UwU (469)

This is from the 2021 Vishwa CTF.

For this challenge, we are given a URL:

Going to the site, we are given this page:

After a little poking around, I look for a robots.txt entry:

Interesting! Now I follow the clue and look for a robots directory:

I click the link on the page for the source code and I get this:

After reviewing the code, I see that the PHP reads a GET parameter “php_is_hard”, runs “preg_replace()” on it, and checks the output of that.

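  // Excerpt of the challenge source; open_up() is called when the comparison holds.
  if (isset($_GET['php_is_hard'])) {
    $you_enter = $_GET['php_is_hard'];   // user-supplied input
    $we_enter = 'suzuki_harumiya';
    // Single pass: matches are removed once and the result is not re-scanned.
    $the_final_one = preg_replace("/$we_enter/", '', $you_enter);
    if ($the_final_one === $we_enter) {
      open_up();
    }
  }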

Analyzing this code, I see that it takes my input, looks for all instances of “suzuki_harumiya” and removes them. Then it compares the resulting string to “suzuki_harumiya”. If the comparison is true, it runs the “open_up()” function.

I see that I can simply manipulate my input to “ssuzuki_harumiyauzuki_harumiya” and the script will remove the single instance of “suzuki_harumiya” in it and the resulting string will, in fact, be “suzuki_harumiya”. When I feed that input, I get this:
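
Why the single-pass removal fails, next to two ways of closing the gap, as an added example that is not part of the original write-up or the challenge source. The function names `strip_once`, `strip_until_stable` and `is_clean` are hypothetical, and the sample inputs are constructed (the third is the input from the write-up).

```php
<?php
// Added example: hypothetical helper names, constructed sample inputs.

const BLOCKED = 'suzuki_harumiya';

// The filter from the challenge: one preg_replace() pass over the input.
// Text left behind after a removal is never scanned again.
function strip_once(string $input): string
{
    return preg_replace('/' . preg_quote(BLOCKED, '/') . '/', '', $input);
}

// Hardened variant 1: repeat the removal until the string stops changing,
// so deleting one match cannot assemble a new one from its neighbours.
function strip_until_stable(string $input): string
{
    do {
        $before = $input;
        $input  = strip_once($input);
    } while ($input !== $before);
    return $input;
}

// Hardened variant 2: do not rewrite the input at all; reject it when the
// blocked string is present. Nothing is removed, so nothing can re-form.
function is_clean(string $input): bool
{
    return strpos($input, BLOCKED) === false;
}

$samples = [
    'hello',                            // benign
    'suzuki_harumiya',                  // blocked string as-is
    'ssuzuki_harumiyauzuki_harumiya',   // nested form from the write-up
];

foreach ($samples as $s) {
    printf(
        "input=%s\n  once=%s\n  stable=%s\n  clean=%s\n",
        var_export($s, true),
        var_export(strip_once($s), true),
        var_export(strip_until_stable($s), true),
        var_export(is_clean($s), true)
    );
}
```

For the nested input, the single pass returns the blocked string itself, while the fixed-point loop returns an empty string and the reject check flags the input.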
