Pen Test CTFs: Immersive Code Q4

Question

Fellow Cyber Enthusiasts,Im having a slight issue with the CTF Immersive code Question 4 - The fourth token can be found once you've obtained RCE on the target server. What's the fourth token?Without giving the game away, I have; 1. Gained access using the creds left in credentials.txt. 2. Used a similar method to read the README file after using cyberchef. 3. Accessed the Werkzeug app for token 3.Q1s vulnerable **.php was useful for Q1 &amp; Q2. but doesnt help me get RCE. I have another r_s.php i also think could be vulnerable but i dont get anything visible back. I have bypassed the session check with the correct one pulled from the function.What could i be missing. Not after the correct answer as i know its a CTF but a steer would be appreciated.&nbsp;Cyber Sharpe S&amp;B

cybersharpe · Answer

Cancel, I just wasn't paying attention. Its pretty much the same vuln the whole way through. Consider this solved.&nbsp;

Forum Discussion

Pen Test CTFs: Immersive Code Q4

1 Reply

Featured Places

Help & Support Forum

Related Content

Secure Testing: SQL Injection

World Cup Special: Immersive Squad

Immersive Community Meetup - Bristol

Course Secure Testing: XSS

Immersive Community Meetup - Bristol

Recent Discussions

Practical Malware Analysis: Static Analysis question 18

Pen Test CTFs: Immersive Code Q4

Discovery: Enumeration Scripts – Part 1

Powershell Deobsfuscation Ep.7

Windows Basics: Ep.3 – Registry Roadblock