Tags: web 

Rating:

Using SSRF in `file_put_contents('ftp://...')` to deliver a FastCGI payload into a php-fpm socket.

Original writeup (https://github.com/dfyz/ctf-writeups/blob/master/hxp-2020/resonator).