Last updated 1 year ago
Was this helpful?
send the request to burp repeater since we can execute commands this is command injection vulnerability
command injection vulnerability
if we try directly to execute linux commands they will be blocked
let's read the file cyberheroines.sh
FLAG="CHCTF{t#!$_!s_T#3_w@Y}" echo -n "$FLAG" | sha256sum > cyberheroines.txt
CHCTF{t#!$_!s_T#3_w@Y}
searching in we find a working payload to bypass the restriction being put on this challenge
