20 lines
1.2 KiB
Markdown
20 lines
1.2 KiB
Markdown
We are given a site where we can check the status of websites.
|
|
|
|
Entering a valid URL such as ``https://google.com`` will return us the HTTP status code as seen in the following screenshot.
|
|
|
|
|
|
|
|
Entering a semi-colon (;) will break the command. We can try to use the payload ``; whoami`` and we are returned ``www-data`` as our user as seen in the following screenshot.
|
|
|
|
|
|
|
|
We can attempt to use the command ``; sudo -l``. We can see that we are able to run any command as sudo without a password as seen in the followings screenshot.
|
|
|
|
![wimg-3]()
|
|
|
|
We can attempt to use the command ``; sudo ls /root/`` to list the root directory. We can see that there is a file called ``flag.txt`` as seen in the following screenshot.
|
|
|
|
![wimg-4]()
|
|
|
|
We can read the contents of the file by using the command ``cat /roo/flag.txt``. The flag is: ``HEX{N3tw0rK_ErR_500_W1kS2kKiL}``
|