Web Filter - CTF 34
CTF Name: Web Filter
Topic: Web Exploitation
Flag Format: IHC_CTF{}
CTF Link: https://t.me/ctf_invisiblehc/60
Description:
Open the website and try to inject the website.
Solution:
I got one endpoint ?page= from that, I came to the conclusion this might be a vulnerable parameter.
?page=/etc/passwd is used to view password files if it is visible to the attacker which leads to sensitive disclosure of password files.
I entered /etc/passwd which gives results the flag.
flag: IHC_CTF{LFI_is_interesting}
Join Our CTF Channel: