CachedWeb: chain SSRF with path control to reach the internal target and read the flag.
web
Rce
9 postsweb
Amidst Us
Amidst Us: find the command execution path, trigger it cleanly, and read the flag.
web
Letter Dispair
Letter Dispair: find the command execution path, trigger it cleanly, and read the flag.
weblocked
Interstellar
weblocked
Breathtaking View
weblocked
Pentest Notes
weblocked
ScreenCrack
web
C.O.P
C.O.P: exploit the SQL injection, extract the needed data, and reach the flag.
web
Toxic
Toxic: abuse unsafe deserialization to cross the trust boundary and reach the flag.