Points: 400

Tags: symlink zip web race condition 

Poll rating:

This beautiful website for testing zip files contains a replica of a vulnerability found in a well known bug bounty site.
Log in with rob:smashthestate then exploit the vulnerability to gain access to the ‘admin’ account and the flag.
Automated tools and bruteforcing will not help you solve this challenge.

Writeups

ActionRatingAuthor team
Read writeup
0
LosFuzzys
Read writeup
0
0x90r00t
You need to authenticate and join a team to post writeups