Tags: php-comand-injection web
### TokyoWesterns CTF 4th 2018. *SimpleAuth* Writeup by E-Toolz team
`http://simpleauth.chal.ctf.westerns.tokyo/ ` - Link
This source page is given at task. It parses GET requests on the URL of task.
(# - comments)
> Short characteristic of HTTP GET:
> Client send parameters in URI after the ? symbol and divided with & symbol so URL looks like:
> From the left side of '=' is filled name which we set. From the right side is its value.
> We can find out field names from the source: they are used as `$res` fields.