4zip

MediumWeb Security

Overview

We developed this service to help people, however it was hacked and someone acquired access to /[ranodm]_flag.txt. Flag Format :Flag{}

Lab Details

Prerequisites & Requirements

Basic knowledge of web security specially file upload and file inclusions

What will you learn?

Exploiting path traversal in zip files
Chaining path traversal with SSTI

Tools

Python

Job Positions

Application Security Engineer

Tags

LfiDirectory TraversalPythonSstiWebshellSource Code Review