ctf

ctf writeup repo

View on GitHub

B’omarr Style, WEB 200 pti

Author: p4w

TL;DR

In this challenge we have to exploit a kid path traversal vulnerability in order to be able to modify and sign our jwt-token and gain RCE via pickle serialization.

Token analysis

alt login

alt login

alt login

Exploit

reference: