Target from: CTF Playground
Intermediate, Non rootable, Timed
inject / 0.0.0.0
3: Flags (2:app, env)
1: Service
1,310 pts
Avg. headshot: 372 minutes
Level 4 / User
sastonrobert / 604th Place
1: Flags found
1: Service discovered
310 pts
Everyone speaks about escaping user input to avoid injections but if you are a developer trying to actually implement a protection like this you are on your own.
The developer of this application, had all the good intentions, he even used some suggested solutions from stackoverflow.com... and we all know how well that usually goes.
To start the challenge connect with nc 10.0.14.25 1337. Your timer starts from the first time you connect to the service.
35 Headshots (newer first)
Sid110307, karpik, Atlantica, doofyr, hazy, cavca2012, darklordbnl, Pablo977, jaxafed, antonioban, 4rl4dn4, uApocryphon, No0ne, noother, AskTaimoor, Twelve, D1ie3z, novena, vicky5srrequiem, bas1c, Sev7en, ddr4ramm, Tr1s, PufferOverflow, Grosik, Pegasus, hitmanalharbi, Muzec, biba22, ElleuchX1, g0rchy, r0b0tG4nG, TheCyberGeek, mpz1 Writeup by:
Activity Stream
Latest activity on the platform