Maximum Courage
Challenge Information
Category: Web Security
Level: easy
Points: 50
Description
Max prefers to learn by practicing and not just reading all day, so he set up a webserver and hopes it stays secret. Can you prove it has a weakness?
Solution
After accessing the lab, we open it in the browser.

Okay, we don't have access to open flag.php (the aim is to open it because it contains the flag).

Now we need a tool to scan the web server for directories. I will use drib; you can find it here: https://github.com/andrenth/drib. Let's go to the terminal and run it (drib target).

Okay, good findings. If we open this URL we find another path; I opened it and it is not useful. But we know that this website has /.git, which means that this website has Git directories. I will use GitTools for it; you can get it from here: https://github.com/internetwache/GitTools. We will actually use ./gitdumper.sh.
I will explain the command line first: ./gitdumper.sh (the script), then the URL (our target), then the folder name (where the output will be stored). Final ⇒ ./gitdumper.sh <target> <name of folder>

Okay, open the folder and type ls -a (-a shows hidden files).

I already searched through it but I didn't find anything (you can search if you want; it's up to you). Now we try another tool called git: we will use git status to see the changes that have been made to this repository. Command ⇒ git status

Yeah, just type git restore flag.php to solve the challenge 😄

done 🎉
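
Why git status and git restore work on a dumped .git folder, shown as an added example that is not part of the original write-up: it builds a constructed local repository (no network), copies only its .git directory the way a dump would, and recovers the file from the object store. The function name, the temporary paths and the sample flag value are assumptions made for the demonstration.

```shell
#!/bin/sh
# Added example: everything here is constructed locally; nothing is fetched.
# The function body runs in a subshell so the caller's directory is untouched.
demo_restore_from_dumped_git() (
    work=$(mktemp -d) || exit 1

    # 1. "Server side": a web root that is also a git working tree.
    mkdir "$work/site" && cd "$work/site" || exit 1
    git init -q . 2>/dev/null
    printf '<?php // FLAG{constructed-sample} ?>\n' > flag.php
    git add flag.php
    git -c user.name=demo -c user.email=demo@example.invalid \
        commit -q -m "add flag"

    # 2. "Dumped copy": only the .git directory is present, no working files.
    mkdir "$work/dump"
    cp -R .git "$work/dump/.git"
    cd "$work/dump" || exit 1

    # 3. The index still lists flag.php, so git reports it as deleted (" D").
    status=$(git status --porcelain)

    # 4. git restore rewrites the file from the index and object store.
    git restore flag.php
    content=$(cat flag.php)

    cd / && rm -rf "$work"
    printf '%s|%s\n' "$status" "$content"
)

demo_restore_from_dumped_git
```

The same mechanism is why a web server should never serve /.git: the index and objects alone are enough to rebuild every tracked file, including ones the server refuses to serve directly.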
