This won't be a long blog post, just a little pointer to an A/D CTF challenge
that I created last year: A damn vulnerable web framework written
In part I of the blog series, we will go over some "history" files that are
commonly found on web servers.
What are history files?
Most interactive commandline
Last year I did some research on how an exposed ~/.ssh/ folder on a web server can lead to a complete pwnage. Here's the deal:
I was browsing wpvulndb.com when I stumbled upon the InfiniteWP Client authentication bypass. Being curios, I wanted to reverse engineer the unpublished PoC. Here's my (short) journey.
This is my quick & dirty write up for the X-MAS CTF Roboworld challenge.
The description is as follows:
A friend of mine told me about this website where I