🚀 Forbidden Path - PicoCTF | level: medium

🌟 Hello, CTF Enthusiasts!

Hey guys! This time, I’m tackling a medium-level PicoCTF challenge called "Forbidden Path." 🔥 Sounds intriguing, right? Especially for those of you who are always hyped up about solving CTF puzzles! 🎮

🎯 The Challenge


Can you get the flag? Here's the setup:

We know the website files are located in:

/usr/share/nginx/html/

This folder is 4 levels deep from the root directory (/). So, to access /flag.txt, I need to traverse up 4 directories using relative path segments, one ../ per level.

Here’s the payload I used in the Filename input:

../../../../flag.txt

Let's try it right away:



So after that, we click on the button and we find the flag:


and yeahh:



💡 Professional Takeaways

1. Don’t Rely Solely on Others' Writeups

While it's helpful to refer to writeups for learning, don’t rely entirely on them. Solving challenges independently helps sharpen your skills and builds a deeper understanding of the concepts. Use others' solutions as a last resort or for post-solution learning. 💪

2. Evaluate Each Step

Always analyze why each step works. For example:

  • Why does ../../../../ lead to /flag.txt?
  • How does the server handle or mishandle input?

Understanding these points makes you a better problem solver and security professional.
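To answer both questions concretely, here is a small example I'm adding (it is not the challenge's actual server code): it shows how a naive join of the web root and the filename resolves each `../`, next to a hardened version that rejects anything leaving the root. The function names `naive_resolve`, `safe_resolve` and `is_blocked` are my own, and the sample filenames are constructed.

```python
import os
import posixpath

WEB_ROOT = "/usr/share/nginx/html"  # web root stated in the challenge


def naive_resolve(filename, root=WEB_ROOT):
    """Mishandled input: join the user's filename to the root and normalise.

    Pure string arithmetic (no filesystem access). Each ".." cancels one
    directory of the root; extra ".." segments at "/" are simply ignored.
    """
    return posixpath.normpath(posixpath.join(root, filename))


def safe_resolve(filename, root=WEB_ROOT):
    """Handled input: resolve first (symlinks included), then require the
    result to stay inside the root. Raises ValueError otherwise."""
    real_root = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(real_root, filename))
    if os.path.commonpath([real_root, candidate]) != real_root:
        raise ValueError(f"path escapes web root: {filename!r}")
    return candidate


def is_blocked(filename):
    """True when safe_resolve refuses the filename."""
    try:
        safe_resolve(filename)
        return False
    except ValueError:
        return True


if __name__ == "__main__":
    # Constructed sample inputs: a normal file, too few "../", exactly
    # four, more than four, and an absolute path (join drops the root).
    samples = ["index.html", "../../../flag.txt", "../../../../flag.txt",
               "../../../../../../flag.txt", "/flag.txt"]
    for name in samples:
        print(f"{name!r:32} naive -> {naive_resolve(name):16} "
              f"blocked by safe_resolve: {is_blocked(name)}")
```

Three `../` only reach /usr/, four reach /, and any more than four still land on /, which is why the payload works with four or more segments. The hardened check compares resolved paths rather than searching the input for `..`, so it also covers absolute paths and symlinks.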
