Lazy Dev [Web – 400 Points] - RITSEC CTF

Author: jok3r


OK. Let's check the URL on port 8007.


I checked the source code and found some interesting links to go to the next page, e.g.

I followed all of these links and finally got the useful info at Stars.html.

Call this devsrule.php file. I found an interesting parameter named magic, so I tried to insert something into this parameter: aaaaaaaa. But it did not work.

OK. Try with ../ Yeah, it works.

OK, try to test for a Remote File Inclusion vulnerability with a Google link. 😉

RFI did not work, but let's try Local File Inclusion (LFI) with the php://input method. You need to send the data with the POST method.



<?php echo "<pre>"; system('ls -al'); ?>

Now I search for flag.txt and read it.
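From the defender's side, each probe in the steps above (../, a remote URL, then php://input sent with POST) leaves a recognizable value in the magic query parameter of the web server's access log. The following is an added example, not part of the original write-up: a small log scanner in which the log lines, IP addresses and rule names are constructed for illustration, and only devsrule.php, Stars.html and magic come from the page.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed access-log lines (combined log format) mirroring the write-up's requests.
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Jan/2024:10:00:01 +0000] "GET /Stars.html HTTP/1.1" 200 200',
    '203.0.113.7 - - [01/Jan/2024:10:00:05 +0000] "GET /devsrule.php?magic=aaaaaaaa HTTP/1.1" 200 312',
    '203.0.113.7 - - [01/Jan/2024:10:00:09 +0000] "GET /devsrule.php?magic=..%2F HTTP/1.1" 200 540',
    '203.0.113.7 - - [01/Jan/2024:10:00:14 +0000] "GET /devsrule.php?magic=http://example.com/ HTTP/1.1" 200 312',
    '203.0.113.7 - - [01/Jan/2024:10:00:20 +0000] "POST /devsrule.php?magic=php://input HTTP/1.1" 200 1024',
]

# One rule per probe type; values are matched after percent-decoding.
RULES = [
    ("path-traversal", re.compile(r"\.\.[/\\]")),
    ("remote-url", re.compile(r"^(https?|ftp)://", re.I)),
    ("php-stream-wrapper", re.compile(r"^(php|data|expect|phar|zip)://", re.I)),
]
LOG_LINE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+" (?P<status>\d{3})')


def scan(lines, param="magic"):
    """Return (line_no, method, decoded_value, tags) for suspicious include parameters."""
    findings = []
    for line_no, line in enumerate(lines, 1):
        m = LOG_LINE.search(line)
        if not m:
            continue
        query = urlsplit(m["target"]).query
        # parse_qsl percent-decodes, so ..%2F is seen as ../
        for key, value in parse_qsl(query, keep_blank_values=True):
            if key != param:
                continue
            tags = [name for name, rx in RULES if rx.search(value)]
            # php://input reads the request body, so a POST here means the body
            # may have been evaluated as PHP by the include.
            if "php-stream-wrapper" in tags and m["method"] == "POST":
                tags.append("post-body-may-be-executed")
            if tags:
                findings.append((line_no, m["method"], value, tags))
    return findings


if __name__ == "__main__":
    for finding in scan(SAMPLE_LOG):
        print(finding)
```

The request body is not in a standard access log, so a hit tagged post-body-may-be-executed is the cue to pull request-body or WAF logs for that timestamp.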

The flag is




