Posts List

Olympic CTF CURLing tasks

I had the honour to participate with int3pids in the #Olympic CTF and these are the write ups of the Web tasks we solved. CURLing 200: Xnginx In this level we were presented with a simple web site where we could check some news First thing to notice is that the news URL is vulnerable to path transversal: Since the name of the task was xnginx I looked for the nginx configuration file: