Stripe CTF 2.0 web edition challenge has recently ended. It was lots of fun to participate in.

About 7 thousand people have completed the first level and 978 people have completed the whole 9 challenge CTF competition. Leaderboard.

Now that the challenge has ended, people have posted their impressions and solutions to challenges. Stripe CTF 2.0 Write-Up is a great write-up by droogie from IOActive Labs Research. He posted solutions to all 9 problems with brief explanations for those solutions.

List of attacks:

  • Level 0 - SQL Injection
  • Level 1 - Misuse of PHP Function on Untrusted Data
  • Level 2 - File Upload Vulnerability
  • Level 3 - SQL Injection
  • Level 4 - XSS/XSRF
  • Level 5 - Insecure Communication
  • Level 6 - XSS/XSRF
  • Level 7 - SHA1 Length-Extension Vulnerability
  • Level 8 - Side Channel Attack