[Day 19] Commands


Another day, another hack from the Christmas Monster. Can you get back control of the system?

Access the web server on http://[your-ip]:3000/

McSkidy actually found something interesting on the /api/cmd endpoint.

#1 - What are the contents of the user.txt file?

We are told that there is a web service running at the following URL:

After trying a few injections and methods, I found that the following request returned something interesting:

$ curl -s

Following the logic, I was able to locate the home directory, and found the user.txt file:

$ curl -s

$ curl -s

I then changed from ls to cat to show the content of the flag:

$ curl -s

Answer: 5W7WkjxBWwhe3RNsWJ3Q
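
The endpoint ran whatever command the request named (first ls, then cat), which is the root cause here. The block below is an added example of the fix, not code from the challenge or from this writeup: it maps a small set of action names to fixed programs and never runs client-supplied command strings. It assumes a Node.js back end; ACTIONS, buildInvocation, runAction and the binary and log paths are hypothetical.

```javascript
// Hypothetical allowlist: each action name maps to a fixed program and arguments.
const ACTIONS = {
  uptime: { file: '/usr/bin/uptime', fixed: [], param: null },
  disk: { file: '/bin/df', fixed: ['-h'], param: null },
  // One parameter, limited to a strict pattern: no '/', '.', spaces or shell metacharacters.
  taillog: {
    file: '/usr/bin/tail', fixed: ['-n', '50'], param: /^[a-z0-9_-]{1,32}$/,
    toArg: (name) => `/var/log/app/${name}.log`,
  },
};

// Turn a client-supplied action name (and optional parameter) into a fixed argv,
// or throw. The client never chooses the program that runs.
function buildInvocation(action, param) {
  // An own-property check avoids matching inherited keys such as "constructor".
  if (typeof action !== 'string' ||
      !Object.prototype.hasOwnProperty.call(ACTIONS, action)) {
    throw new Error('unknown action');
  }
  const spec = ACTIONS[action];
  if (spec.param === null) {
    if (param !== undefined) throw new Error('action takes no parameter');
    return { file: spec.file, args: [...spec.fixed] };
  }
  if (typeof param !== 'string' || !spec.param.test(param)) {
    throw new Error('invalid parameter');
  }
  return { file: spec.file, args: [...spec.fixed, spec.toArg(param)] };
}

// Run the resolved action. execFile passes args as an argv array, so no shell
// ever parses them; timeout and maxBuffer bound what one request can consume.
async function runAction(action, param) {
  const { file, args } = buildInvocation(action, param);
  const { execFile } = await import('node:child_process');
  return new Promise((resolve, reject) => {
    execFile(file, args, { timeout: 2000, maxBuffer: 64 * 1024 },
      (err, stdout) => (err ? reject(err) : resolve(stdout)));
  });
}
```

A route handler would call runAction with the action name from the request and return a generic error on rejection, logging the rejected value for detection.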