gottheevidence's Introduction

Got The Evidence

This CTF story is based on the Resident Evil Movie. There is a devil company name "Umbrella" which involves illegal activities a lot. So the player needs to find the evidence that the "Umbrella" is doing some illegal stuff.

Scenario

Here, The user know only there is website for the "Umbrella" company. There is no details were exposed.

Vulnerabilities

Sql Injection
Directory Traversal
Sensitive Data Exposure
Stored XSS
File Upload
Remote Code Execution
Privelege Escalation

Write-Up

1] First We see the Login Only

2] View Page source leads some info about developer

3] use sqli

4] The data from the user login

5] check the trash

6] download sql

7] visit blog

8] found comment section

9] bypass login by sqli and found the adminCheck credential

' OR '1'='1' -- -

' OR id=(SELECT id FROM (SELECT id FROM user_details ORDER BY id LIMIT 1 OFFSET 1) AS t) -- -

( i really planned a different thing , i planned to use the stored xss and create a admin login simulation for being victimized in the XSS attack. But due to some docker network issue , i changed the plan)

10] login to admin account

11] see the gallery

12] upload option supports all data

13] upload the rce file and the flag is in the root directory

ThankYou

Thanks for the oppurtunity after a long time i worked this much Due to my end sem examination, I can't do as i planned but i nearly completed what i thought I'm to work as a team and correct my self

Recommend Projects

karuppan-the-pentester / gottheevidence Goto Github PK