Page not Found - CTF 96
CTF Name: Page not Found
Topic: Web Exploitation
Flag Format: ICTF{}
Description:
This website has many page. But you should find the flag page. Password page may help you.
Solution:
When we visit the challenge URL, we see a simple webpage. Firstly, I tried to access /robots.txt, but I didn't find anything useful. Then, I checked /sitemap.xml and found some page URLs.
I visited one of those pages and discovered an endpoint ?page=, which seemed to be a potentially vulnerable parameter. By entering /etc/passwd as the value for the parameter, I was able to view the password files and uncover the flag.
flag: ICTF{1NC1U510N_D0N3_10C411Y}
Join Our CTF Channel: