Pear

SCENARIO

A developer built a PHP application with a file inclusion feature and decided to lock it down themselves. Common wrappers blocked, file uploads disabled, error display turned off. They are convinced there is nothing left to exploit.

You have full access to the source code. Read through what the developer blocked, think about what they missed, and find your way to the flag.

Flag format: flag{}

Infrastructure

- Docker Container — HTTP on port 80

Provided Files

- pear.zip (1.8 KB)