CTF Challenge - CTF Challenge #3

Completed the challenge

4 Likes

I feel like I am overcomplicating this… Is reverse shell needed for this? Or can everything be done on the web?

1 Like

Reverse shell is not required
The challenge is purely web related
Check the 2nd hint

1 Like

Hint 3 : Attack related to Xml in Owasp top 10

1 Like

Do we need to upload any code as an external file? I am struck. Could you please help?

2 Likes

Hint 4: There is a XXE vulnerability in this challenge by which you will be able to read files of the server.

2 Likes

Completed!

It was an interesting vulnerability. Learned just today. Thanks @yashswarup for creating this.

2 Likes

Thanks @rootsh3ll
I am glad you learned something new from the challenge.

2 Likes

Thanks everyone who participated in this challenge.
Now I am closing the challenge.
Bye

6 Likes

check out my writeup here : CloudSek Jan Challenge Writeup - Bhuvanesh's Blog

4 Likes

That’s great @SH4D0W

1 Like

I missed this waiting for the next challenge

1 Like

Sure! Stick around the community and be updated :grinning_face_with_smiling_eyes:

CTF Walkthrough :point_down:

1 Like