Target from: CTF Playground

Intermediate, Non rootable, Timed

ginx / 0.0.0.0

2: Flags (2:app)
1: Service
1,310 pts
Avg. headshot: 2,407 minutes

33%

Level 6 / Securitas

novena / 392nd Place

0: Flags found
1: Service discovered
10 pts

Visit the page and pay attention at the files included and their locations.

Proxying requests with user provided input can lead to catastrophic consequences. See if you can grab the flags by:

  • accessing the index.html from the internal web server http://127.0.0.1/index.html
  • by making the server perform a request to a server controlled by you

To start the challenge connect to http://10.0.14.22:1337/. Your timer starts from the first time you connect to the service.

Activity Stream

Latest activity on the platform

novena Is getting started with ginx for 10 points, 28 months ago