An alarming sight
Cyshock CTF
Category
Web
Challenge Overview
This challenge presents a webpage with an input form for analyzing temperatures and current from some satellite system. Entering 'help' in the command sender shows that the only commands we're allowed are: status, clear, ping, capture. Nothing to do with a flag.
I tried inspecting the page source to see if there were any cookies, and fuzzing with tools like gobuster or dirsearch, but nothing came up. Then I was pretty sure that we should get the flag using the command sender, with a command injection or something.
After some tries, we discovered a basic stored XSS payload: ping <img src=razvanttn onerror=alert(1)>
You can find and try many payloads using XSS cheat sheets. This approach works not only for XSS vulnerabilities, but also for SQLi, SSTI, and others.
After injecting it, we're told that we should exploit this vuln.

Trying the same payload in the Firefox browser is the solution. I don't know why; maybe it was a skill issue, or it was something about the User-Agent.
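A defender's view of the bug above, as an added example that is not part of the original write-up or the challenge's code: it assumes the application stores the command text and later concatenates it into HTML, and all function names are hypothetical. It runs the payload from the write-up through the assumed vulnerable rendering, through output encoding, and through an allowlist check on the command sender.

```javascript
// Added example; renderUnsafe, renderSafe and parseCommand are hypothetical names.
// Commands the write-up lists, plus 'help', which it uses to list them.
const ALLOWED = new Set(["help", "status", "clear", "ping", "capture"]);

// Vulnerable pattern (assumed): stored command text is concatenated into markup.
function renderUnsafe(entry) {
  return "<li>" + entry + "</li>";
}

// Encode the five HTML-significant characters so stored text renders as text.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Hardened rendering: the same concatenation, but on encoded text.
function renderSafe(entry) {
  return "<li>" + escapeHtml(entry) + "</li>";
}

// Input-side check: the command must be on the allowlist, and ping takes
// exactly one argument shaped like a hostname or IPv4 address (assumed format).
function parseCommand(line) {
  const [cmd, ...args] = line.trim().split(/\s+/);
  if (!ALLOWED.has(cmd)) return { ok: false, reason: "unknown command" };
  if (cmd === "ping") {
    if (args.length !== 1 || !/^[A-Za-z0-9.-]{1,253}$/.test(args[0])) {
      return { ok: false, reason: "invalid ping target" };
    }
  } else if (args.length !== 0) {
    return { ok: false, reason: "unexpected arguments" };
  }
  return { ok: true, cmd, args };
}

// Payload taken from the write-up.
const payload = "ping <img src=razvanttn onerror=alert(1)>";

console.log(renderUnsafe(payload)); // markup survives: the browser parses the <img> tag
console.log(renderSafe(payload));   // markup is encoded: shown as literal text
console.log(parseCommand(payload)); // rejected before it is ever stored
```

Validation on input and encoding on output are independent layers; the encoding is the one that still holds if a new command with free-form arguments is added later.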
Final Flag

made by k0d