Tags: nginx rce 

Rating:

tl;dr

* Get the docker-entrypoint.sh using /static../docker-entrypoint.sh
* Get the challenge files using /static../panda/cgi-bin/search_currency.py
* Host your exploit and use a suitable chain to gain RCE.

Original writeup (https://blog.bi0s.in/2023/01/23/Web/bi0sCTF22-PyCGI/).