Target from: CTF Playground
Intermediate, Non rootable, Timed
ginx / 0.0.0.0
2: Flags (2:app)
1: Service
1,310 pts
Avg. headshot: 2,585 minutes
Level 11 / Senior PenTester
darklordbnl / 152nd Place
1: Flags found
1: Service discovered
510 pts
Visit the page and pay attention at the files included and their locations.
Proxying requests with user provided input can lead to catastrophic consequences. See if you can grab the flags by:
- accessing the index.html from the internal web server http://127.0.0.1/index.html
- by making the server perform a request to a server controlled by you
To start the challenge connect to http://10.0.14.22:1337/. Your timer starts from the first time you connect to the service.
49 Headshots (newer first)
alamillo, c0nfirm, echoOne, Ckabos, slash, napejpfonip, carloslaguna, lisibus, kr0w, Atlantica, GuyFawkes, doofyr, Byt3P4ss, xRuL0, fakeIn, b3li4d, Six666, poggiesai, cavca2012uApocryphon, DamianPellejero, userctf, antonioban, jaxafed, 4rl4dn4, noother, markuche, AskTaimoor, No0ne, NoBody, Clientname, Tr1s, khaledsh, D1ie3z, ddr4ramm, bas1c, srrequiem, vicky5, Sev7en, PufferOverflow, 0x1337, Grosik, r0b0tG4nG, Muzec, biba22, g0rchy, hitmanalharbi, mpz, Pegasus2 Writeups by:
Activity Stream
Latest activity on the platform