Planet DesKel

DesKel's official page for CTF write-up, Electronic tutorial, review and etc.

12 September 2020

Webhacking.kr write-up: old-41

Link: old-41, Point: 250, Tag: Linux

Howdy there, welcome to another webhacking.kr CTF-style challenge. Today’s challenge is about the maximum number of characters that can be used in a Linux filename.

A front-page with a file upload query. Anyway, time to read the code.

By referring to the code, there is some filename filtering, but that is not important. Two things caught my eye,

With this information, we have to induce an error to reveal the hidden directory. This error must be somehow connected to the uploaded file. I tried uploading a file with a huge size and different types of extension. No luck.

How about a Linux filename that exceeds 255 characters? For your information, the maximum allowed filename length on Linux is 255 characters.

Of course, you can’t just create such a file within the Linux system. The best bet is to go through Burp Suite. First of all, upload a dummy file and intercept the request.

After that, make the filename as long as you can; it should be more than 255 characters. Then, forward the request.

Return to the page and you should notice there is a warning being raised.

That is the hidden directory we are looking for. After that, try to upload a file with a shorter filename (123 in my case). Visit the following URL to capture the flag:

https://webhacking.kr/challenge/web-19/<hidden directory>/123
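Why the overlong filename reveals the directory, and how an upload handler avoids the leak, as an added example that is not the challenge's source or code from the original post. It is a Python stand-in; UPLOAD_DIR, naive_save, hardened_save and LONG_NAME are hypothetical names, and the directory is a constructed temporary one.

```python
import logging
import os
import secrets
import tempfile

# Constructed stand-in for the challenge's hidden upload directory.
UPLOAD_DIR = tempfile.mkdtemp(prefix="hidden_dir_")
log = logging.getLogger("upload")


def naive_save(client_name: str, data: bytes) -> str:
    """Vulnerable pattern: client filename used as-is, raw error shown to the client."""
    path = os.path.join(UPLOAD_DIR, os.path.basename(client_name))
    try:
        with open(path, "wb") as fh:
            fh.write(data)
    except OSError as exc:
        # str(exc) embeds the full path, just like a displayed server warning.
        return f"Warning: {exc}"
    return "Done"


def hardened_save(client_name: str, data: bytes) -> str:
    """Reject overlong names up front, store under a server-chosen name,
    and keep filesystem details out of the response."""
    name_max = os.pathconf(UPLOAD_DIR, "PC_NAME_MAX")  # per-filesystem filename limit
    if not client_name or len(os.fsencode(client_name)) > name_max:
        return "Upload rejected: invalid filename"
    stored = secrets.token_hex(16)  # the client-supplied name never reaches the disk
    try:
        with open(os.path.join(UPLOAD_DIR, stored), "xb") as fh:
            fh.write(data)
    except OSError as exc:
        log.error("upload save failed: %s", exc)  # detail stays server-side
        return "Upload failed"
    return "Done"


LONG_NAME = "A" * 300  # constructed filename, longer than the limit

if __name__ == "__main__":
    print(naive_save(LONG_NAME, b"x"))      # message contains UPLOAD_DIR
    print(hardened_save(LONG_NAME, b"x"))   # generic rejection, no path
```

Disabling error display to clients in production closes the same leak at the configuration level, whatever the handler does.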

tags: webhacking.kr - linux

© 2020 DesKel