Chaining vulnerabilities to achieve Remote Code Execution (RCE).

Hey, I am W1C3, and today I will explain how, through chained vulnerabilities, we were able to achieve Remote Code Execution (RCE). In this challenge, we first used brute force techniques to discover directories that were previously unknown. Once we gained access to the “Browser” directory, we were able to send requests to the server’s internal network, which led us to the endpoint that was currently in development. We then performed fuzzing on the parameter used by the server to …

access browser brute challenge code code execution cybersecurity development directory discover display endpoint exploiting fuzzing hey internal internal network network parameter rce remote code remote code execution requests send server ssrf ssti techniques text the web vulnerabilities walkthrough web