EasySchema
Easy
Web Security
Overview
SCENARIO
A simple utility that fetches any URL you throw at it from the server side. Almost any URL, that is. The developer was thoughtful enough to put some rules in place to keep things safe.
The flag is sitting at /app/flag.txt. Figure out what the server is running under the hood, understand what it is actually capable of, and find a way past the filter.
Flag format: flag{}
Infrastructure
- Docker Container — HTTP on port 3000
Provided Files
- None (BlackBox challenge)
Job Positions
Penetration Tester
Tags
SSRF, LFI, Input Validation, WAF Bypass, Logic Flaws