Skip to content

KipodAfterFree/KAF-2019-AppPackager

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

10 Commits
.idea
.idea
 
 
src
src
 
 
2019-AppPackager.iml
2019-AppPackager.iml
 
 
Dockerfile
Dockerfile
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

AppPackager

AppPackager is an information security challenge in the Web category, and was presented to participants of KAF CTF 2019

Challenge story

The developers had to rush this one out - they released an incomplete version, and still had some things on their TODO list.

Challenge exploit

The user can inject a template url that has a zip with a broken symlink, which is unpacked, then gets repacked with the flag.

Challenge solution

No need

Building and installing

Clone the repository, then type the following command to build the container:

docker build . -t apppackager

To run the challenge, execute the following command:

docker run --rm -d -p 1000:80 apppackager

Usage

You may now access the challenge interface through your browser: http://localhost:1000

Flag

Flag is:

KAF{7h3se_f1a9z_dr1v33_m3_cr4zy}

License

MIT License

About

No description or website provided.

Topics

challenge

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

0 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages