250pts
Access the site at https://cfta-wm05.allyourbases.co, then find and read the contents of the flag file, to get the flag.
- See that moving to a different directory makes a POST request to
https://6feducn4d2.execute-api.eu-west-1.amazonaws.com/stag/wm05with the JSON data{"path": "/boot" } - See that you can use
${IFS}as whitespace - Go through all directories and recursively list their files using
/${IFS}-alR- As there is a timeout of 3s, you need to do multiple on different directories
- Run
/var/task${IFS}-alRto see that there is a flag at/var/task/.../.flag.txt - Run
${IFS}|cat${IFS}/var/task/.../.flag.txtto get the flag
Flag: bh%3kx9j75%3k2*7!n