If you like to read our old blogs you are welcome, I4INFO Want to be a member of our team, contact us!
This was something unusual , when I saw it I thought by seeing it would be an injection , tried all the stuff. Didn't work , and was waiting for the writeup in ctftime.
When the writeup came it was intresting , it was some crlf , which means " Carriage Return and Line Feed ". That is something new for me , and something to learn. When I googled I found that is something which is simple and but has affectd in many pages in google adsense .
\n means line feed and \r means carrige return. %0d is carriage return and %0a is line feed. And here the problem is about memcache it is distributed memory caching system. The main aim is to obtain the flag , for that we look for memcache commands.
curl "http://login2.chal.mmactf.link/" --cookie "ss=%0d%0aget 770e33cbe1d236a5233adacd95995e2f8ca71a21b65eb756d7f894647b6168c2"
curl "http://login2.chal.mmactf.link/" --cookie "ss=%0d%0aset adminkey 0 3600 20%0d%0a{\"username\":\"admin\"}"