Relative Path Overwrite

Date

26 February 2024

Validations

109 Compromissions 10%

Note

2 Votes

Description

Warning : this CTF-ATD is linked to the challenge "Relative Path Overwrite".

A new file storage site has been launched. It aims to be light, secure and free, enabling anyone to store and access their files quickly. However, it seems that the developer made a small mistake in developing it. Can you spot it?

The web server is accessible on port 8080

WARNING: The bot doesn’t have access to the internet and files are cleared very regularly

Compromission time

2 hours

Operating system

linux

start this virtual environnement

176 Virtual Environnements

Results	Name	Validations ↓↑	Difficulty	Author	Note
	Metasploitable 2	40% 8580
	Basic pentesting 1	32% 4662
	LAMP security CTF5	25% 3877
	Docker - I am groot	51% 3020		Ech0
	LAMP security CTF4	35% 2715
	SSH Agent Hijacking	26% 2359		mayfly
	SSRF Box	18% 1758		sambecks
	Metasploitable	12% 1726
	Mr. Robot 1	21% 1637
	End Droid	35% 1250
	Imagick	22% 1036		sambecks
	SamBox v2	13% 979		sambecks
	Kioptrix level 2	25% 972
	Docker - Sys-Admin’s Docker	41% 940		Ech0
	LAMP security CTF7	39% 889
	VulnVoIP	17% 851
	SamBox v1	7% 723		sambecks
	Docker - Talk through me	42% 636		Ech0
	Well-Known	11% 622		sm0k
	Django unchained	22% 610		TiWim
	LAMP security CTF6	18% 603
	Windows - Group Policy Preferences Passwords	25% 584
	Kioptrix level 3	33% 575
	Shared Objects Hijacking	13% 561		das
	BreakingRootme2020	15% 512		Laluka
	Windows XP pro 01	5% 495		g0uZ
	Awky	8% 495		sbrk
	Kioptrix level 4	35% 462
	Rootkit Cold Case	16% 462		franb
	Windows - KerbeRoast	19% 449
	Websocket - 0 protection	6% 437		Worty
	Bluebox - Microsoft Pentest	4% 418
	Windows - ASRepRoast	35% 407
	pWnOS	32% 400
	Hackademic RTB1	19% 364
	DC-1	15% 344
	SamBox v3	5% 333		sambecks
	Exploit KB Vulnerable Web App	12% 306
	Bluebox 2 - Pentest	3% 306		sambecks
	SAP Pentest	7% 293		iggy
	Holynix v1	24% 292
	LAMP security CTF8	14% 291
	/dev/random : Pipe	5% 236
	A bittersweet shellfony	12% 233		mayfly
	LordoftheRoot	25% 230
	Hopital Bozobe	8% 228		sambecks
	Acid: Server	12% 218
	FristiLeaks 1.3	29% 215
	SkyTower	24% 213
	Ubuntu 8.04 weak	5% 206		g0uZ