Shell escape - Dojo #36

Active until : 4th November - 2024
Authors: Owne, Brumens

How to submit your report

1. Visit the Dojo program at https://yeswehack.com/programs/dojo
2. Click on submit report
3. Login or create your account
4. Submit your report

---

Description

A friend of yours has created a web application that allows you to check the availability of your locally hosted services. He assured you that it is secure and even allowed you to run it as a test user!

Prove him wrong by reading the flag.txt file on the server.

~ The flag can be found in the file: /tmp/flag.txt

Goal

BRUTE FORCE IS NOT ALLOWED!
(Applies only to the Dojo challenge page itself.)

A valid solution for the challenge must meet these requirements:

• Your report must include a proof of concept (PoC) showing how you obtained the flag
• The flag must be included in the report