# Traffic Lights W

>Can you figure out what’s going on with this shady company? https://traffic-light-w.web.hsctf.com/

You are given a page where you can upload firmware to some docker containers.


When you clock on the "Upload Firmware" button, you are able to upload XML firmware to that container.


The example firmware is below.

```xml

<root>
<content>Red</content>
</root>
```

When you upload that, you are echoed back "Red".

I tried some xxe payloads I looked up online, and one of them worked! Payload is below:

```xml

]>
<root>
<content>&xx;;</content>
</root>
```


The challenge was to figure out what suspicious thing the company was doing, so I wondered what would happen if I connected to one of the docker containers, so I did just that, and that gave us the flag!

```xml

]>
<root>
<content>&xx;;</content>
</root>
```


Flag: `flag{shh_im_mining_bitcoin}`

Original writeup (https://github.com/Jord4563/CTF-writeups/tree/master/HSCTF2020/traffic-lights-w).