UofTCTF 2026 – No Quotes 3

Difficulty: Hard but Fun 1. Challenge Overview We are given a Flask application that mimics a login portal. The goal is to access the internal /home route and read the flag using the /readflag binary. The Obstacles: 2. Vulnerability Analysis The WAF (No Quotes, No Periods) The WAF makes standard attacks impossible. The “Swallow” (SQL …

UofTCTF 2026 – No Quotes 2

Difficulty: Hard but Fun 1. Challenge Overview We are given a Flask web application with the following source files: The Goal: We need to execute the /readflag binary to get the flag. The Obstacles: 2. Vulnerability Analysis The SQL Injection (The “Swallow”) The application constructs the SQL query using Python f-strings, which is vulnerable to …

UofTCTF 2026 – No Quotes

1. Challenge Overview In this challenge, we encounter a web application built with Python (Flask) and a MySQL database. Our goal is to read the flag located at /root/flag.txt. However, we cannot access the file system directly; we need to find a way to trick the server into executing a command for us. This challenge …