Breathtaking View

HTB
Challenges
Web
Published

July 23, 2025

Modified

July 23, 2025

Abstract

Check out my new website showcasing a breathtaking view—let’s hope no one can ‘manipulate’ it!


phuonganh is a

References:

RCE (Remote Code Execution)

Remote Code Execution (RCE) is a vulnerability that lets an attacker run arbitrary code on a target system. As the name suggests, the attack is carried out remotely, over the network, without physical access to the device. In a web application it usually ends with the attacker's input being evaluated by something that can reach the operating system, such as a template engine or expression language that can call Java classes.

Weak Validation: Only Blocks the ‘java’ Substring

The filter that gates the lang parameter is a single case-insensitive substring check:

    if (lang.toLowerCase().contains("java"))

This is clearly meant to stop one specific vector (expressions that reference java.lang classes), but a substring blocklist is a weak control. It is worth being precise about what it does and does not catch.

?lang=JaVaScript and ?lang=java. do not bypass it: toLowerCase() folds the case and the trailing dot does not break the substring, so both values still contain “java” and are rejected.

?lang=ja va (an inserted space) and ?lang=jаva (the second character is a Cyrillic ‘а’, U+0430, not the ASCII letter) do pass the check, because neither contains the contiguous ASCII sequence “java”. Passing the filter is not the same as having a working payload, though: a class name with a space or a Cyrillic letter in it will not resolve. In an expression language that can concatenate strings or call methods, the forbidden name can instead be assembled at evaluation time, so the request parameter never has to contain it, which is why filtering the raw string is the wrong place to defend.
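As an added example (not code from the challenge or the original page), the following Python reproduces the page's substring blocklist and a hardened allow-list check, runs the candidate values above through both, and adds a fullwidth-letter variant that the blocklist also misses. Python's str.lower() and the in operator give the same results as Java's toLowerCase()/contains() for these inputs; the set of accepted language codes is an assumption for illustration.

```python
# Added example (not code from the challenge or the original page): models the
# blocklist check from the page, lang.toLowerCase().contains("java"), and a
# hardened allow-list alternative, then runs candidate inputs through both.
# Assumption: str.lower() / `in` agree with Java's toLowerCase() / contains()
# for these inputs (default locale; Cyrillic U+0430 lower-cases to itself).

import unicodedata

BLOCKED_SUBSTRING = "java"

# Hypothetical set of language codes the application legitimately accepts.
ALLOWED_LANGS = frozenset({"en", "fr", "de", "vi"})


def blocklist_allows(lang: str) -> bool:
    """Mirror of the page's filter: reject only if the lowercased value contains 'java'."""
    return BLOCKED_SUBSTRING not in lang.lower()


def allowlist_allows(lang: str) -> bool:
    """Hardened form: normalise, then accept only exact members of a fixed allow list.

    NFKC folds compatibility forms such as fullwidth letters and ligatures so they
    cannot masquerade as a valid code. Cyrillic look-alikes are not folded by NFKC,
    but an exact membership test rejects them anyway, as it rejects everything
    that is not one of the known codes.
    """
    normalised = unicodedata.normalize("NFKC", lang).strip().lower()
    return normalised in ALLOWED_LANGS


def classify(candidates):
    """Return {candidate: (passes_blocklist, passes_allowlist)} for each input."""
    return {c: (blocklist_allows(c), allowlist_allows(c)) for c in candidates}


# Constructed candidate values, including the four discussed on the page.
CANDIDATES = [
    "en",                        # legitimate value
    "JaVaScript",                # case variation: still contains "java" after lower()
    "java.",                     # trailing dot: still contains "java"
    "ja va",                     # inserted space: no contiguous "java"
    "j\u0430va",                 # Cyrillic small a (U+0430) in place of ASCII 'a'
    "\uff4a\uff41\uff56\uff41",  # fullwidth "java": not ASCII, so the blocklist misses it
    "T(java.lang.Runtime)",      # the kind of class reference the filter targets
]

if __name__ == "__main__":
    for value, (blk, allw) in classify(CANDIDATES).items():
        print(f"{value!r:30} blocklist={'pass' if blk else 'REJECT':6} "
              f"allowlist={'pass' if allw else 'REJECT'}")
```

Running it shows the two values the page lists as bypasses that actually are rejected, the two that slip through, and that every non-legitimate value fails the allow-list regardless of encoding tricks. The design point is that the hardened check never reasons about what is dangerous; it only knows what is valid.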


A simple vulnerable Spring Boot application. You have to find a way to gain RCE by exploiting its template engine, deal with a small curve ball at the end to bypass a simple code-execution filter, and get a stable reverse shell.

It is all about finding the correct payload.

I just conquered the “Breathtaking” challenge on HackTheBox! 🎉 This web challenge, created by yentran1411, involved exploring a website showcasing a “breathtaking” view. The challenge description hinted at potential manipulation, so I knew I had to dig deeper. It was a fun exercise in web exploitation and required me to think outside the box (or perhaps, inside the website’s code!). I had to leverage my knowledge of web development, security principles and common web vulnerabilities to uncover the hidden vulnerability and ultimately gain access. Thanks to yentran1411 for crafting such an engaging and thought-provoking challenge! It’s always rewarding to test your skills and learn something new. Challenges like these are what make HackTheBox such a valuable resource for anyone in the cybersecurity field.