This CTF challenge is an SSRF challenge with additional filtering compared to the previously solved "get flag1" challenge.
The challenge provides a form where the user enters a URL; the goal is to bypass the filtering and trigger an SSRF request.
Payload
http://0x7f.0x00.0x00.0x01:9001/flag.txt
The payload used to trigger the SSRF is the URL "http://0x7f.0x00.0x00.0x01:9001/flag.txt".
In this URL, "0x7f.0x00.0x00.0x01" is the localhost address 127.0.0.1 written with hexadecimal octets, a form that a filter matching only the dotted-decimal spelling does not recognize.
Exploit
By inputting this URL into the form, the filter is bypassed and the SSRF request reads the contents of the "flag.txt" file served on localhost at port 9001.
FLAG : ictf{l0c4l_byp4$$_323theu0a9}
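The bypass above works because the filter compares host strings rather than addresses. The following is an added example (not code from the challenge or from this writeup) showing, on the defender's side, why a string blocklist misses the hex form and how canonicalizing the host to an IP address before checking closes that gap. The function names (naive_is_blocked, canonical_ip, is_internal_target) and the blocklist contents are hypothetical; the parser follows the classic inet_aton grammar (1 to 4 parts, each decimal, octal or hex, the last part filling the remaining bytes) so that the same check also covers "127.1", "0177.0.0.1" and the plain integer "2130706433".

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Hypothetical string blocklist of the kind the challenge filter appears to use.
NAIVE_BLOCKLIST = {"127.0.0.1", "localhost", "0.0.0.0"}


def naive_is_blocked(url: str) -> bool:
    """String comparison only: misses every non-dotted-decimal spelling."""
    return urlsplit(url).hostname in NAIVE_BLOCKLIST


def parse_legacy_ipv4(host: str):
    """Parse host with inet_aton rules; return the address as an int or None.

    Parts may be decimal, octal (leading 0) or hex (0x). With fewer than four
    parts the last part fills the remaining low bytes ("127.1" -> 127.0.0.1).
    """
    parts = host.split(".")
    if not 1 <= len(parts) <= 4:
        return None
    values = []
    for p in parts:
        if re.fullmatch(r"0[xX][0-9a-fA-F]+", p):
            values.append(int(p, 16))
        elif re.fullmatch(r"0[0-7]*", p):
            values.append(int(p, 8))
        elif re.fullmatch(r"[1-9][0-9]*", p):
            values.append(int(p, 10))
        else:
            return None
    # Every part but the last must fit in one byte.
    if any(v > 0xFF for v in values[:-1]):
        return None
    last_bytes = 5 - len(values)
    if values[-1] >= 1 << (8 * last_bytes):
        return None
    addr = 0
    for v in values[:-1]:
        addr = (addr << 8) | v
    return (addr << (8 * last_bytes)) | values[-1]


def canonical_ip(host: str):
    """Return an ipaddress object for any literal IP spelling, else None."""
    try:
        return ipaddress.ip_address(host)  # dotted-decimal IPv4 or IPv6
    except ValueError:
        pass
    n = parse_legacy_ipv4(host)
    return ipaddress.IPv4Address(n) if n is not None else None


def is_internal_target(url: str) -> bool:
    """Reject URLs whose host is a literal address in a non-public range."""
    host = urlsplit(url).hostname
    if host is None:
        return True  # unparsable host: refuse rather than guess
    if host == "localhost" or host.endswith(".localhost"):
        return True
    ip = canonical_ip(host)
    if ip is None:
        # A DNS name: the caller must resolve it and re-check the resolved
        # address (and connect to that same address) before fetching.
        return False
    return (ip.is_loopback or ip.is_private or ip.is_link_local
            or ip.is_reserved or ip.is_unspecified or ip.is_multicast)


if __name__ == "__main__":
    payload = "http://0x7f.0x00.0x00.0x01:9001/flag.txt"  # from the writeup
    print("naive filter blocks it:", naive_is_blocked(payload))      # False
    print("canonical host:", canonical_ip("0x7f.0x00.0x00.0x01"))    # 127.0.0.1
    print("address-based check blocks it:", is_internal_target(payload))  # True
```

The address-based check only covers literal IPs; for hostnames the fetcher still has to resolve the name, apply the same range check to the resolved address, and connect to exactly that address, otherwise a name that resolves to 127.0.0.1 (or changes its answer between check and use) gets through.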