Calculat3 M3
80 points Hard

Here! http://web.ctflearn.com/web7/ I forget how we were doing those calculations, but something tells me it was pretty insecure.

Flag
Web · intelagent
6141 solves
Rating 4.28
5
4
3
2
1
Must solve to rate

Discussion

avatar
ag3nt_0

1 week ago

Reply Share

ez

0
avatar
ag3nt_0

1 week ago

Reply Share

ez

0
avatar
Aaronvky

1 month ago

Reply Share

i think it's quite simple, i just make a request and capture with burp i see the expression in the body of the request and i send the command like ;whoami it's not return anything and i also tryied the other linux command in the ;ls command reveals the flag it's a easy challenge one

0
avatar
lokki

6 months ago

Reply Share

that gave me a hard time breathing like 90% of cybers would go for xss and sql injections even in the expression field , most of us tried the to exploit the "id" sqli method

0
avatar
Kakarot

7 months ago

Reply Share

that was... so much easier than I was making it. deleting readonly or hitting up console with a document.getElementById('d').removeAttribute('readonly'); cantrip helps. from there jus try injecty stuff

0
avatar
defola

7 months ago

Reply Share

I gotta say the chall is too easy that it is too hard !

0
avatar
CSEY13

11 months ago

Reply Share
Protected
0
avatar
Sid110307

1 year ago

Reply Share

Ok this one was pretty hard

0
avatar
AliET

1 year ago

Reply Share

the challenge is Broken :(

0
avatar
4hackGROUPs

1 year ago

Reply Share

simple stuff

0
avatar
nikosFan

3 years ago

Reply Share
Protected
0