TNI Cybersec
CTF writeups collection by TNI-Cybersec
VM
Upload Manager
| Type | Difficulty | Score |
|---|---|---|
| VM | Hard | 50 |
Instruction
We tried to build a secure upload manager web application. We have a secure function to check the uploaded file extension. You cannot upload the suspicious file to our system. However, it is still in progress and developing.
Information
Target IP Address
x.x.x.x
Allowed Ports
80
Hint
show
2nd order SQL injectionNew CVE
| Type | Difficulty | Score |
|---|---|---|
| VM | Hard | 50 |
Instruction
Just a new CVE for PHP framework, please hack me.
Answer format: web{….}
Information
Target IP Address
x.x.x.x
Allowed Ports
80