CTFs
Upcoming
Archive
Past events
Tasks
Writeups
Calendar
Teams
Rating
Compare
Create new team
Get team members
FAQ
Contact us
For organizers
Feedback
About
Sign in
Home
/
CTF events
/
HTB Business CTF 2022: Dirty Money
/
Tasks
/
Insider
/
Writeup
Insider
by
Galile0
/
Galile0
Rating:
Use
;)
to login as user and pass
Use
bkdr
command to trigger a format string
Overwrite stack variable to enable
list
command
User command injection in
popen
used by
list
to get code execution
Writeup
Original writeup
(https://fascinating-confusion.io/posts/2022/07/htb-business-ctf-22-insider-writeup/).
Comments
x
Sign in with
I don't remember
