admincrashboard

This is the source code for the "admincrashboard" service from FAUST CTF 2022.

As it was written for a CTF service, the code is deliberately insecure and contains exploitable bugs. It is provided for educational purposes only, do not even think about (re-) using it for anything productive!

The code is released under the ISC License, see LICENSE.txt for details.

Intended Vulnerabilities

Command Injection runs as serveruser
Directory Traversal to the flag using the editor
XXE in a button file

Name		Name	Last commit message	Last commit date
Latest commit History 2 Commits
admincrashboard		admincrashboard
checker		checker
exploits		exploits
venv		venv
.gitlab-ci.yml		.gitlab-ci.yml
LICENSE.txt		LICENSE.txt
Makefile		Makefile
README.md		README.md
TODO.md		TODO.md
_0_state.json		_0_state.json
docker-compose.yml		docker-compose.yml
metadata.yml		metadata.yml
start.sh		start.sh

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

admincrashboard

Intended Vulnerabilities

About

Releases

Packages

Languages

License

fausecteam/faustctf-2022-admincrashboard

Folders and files

Latest commit

History

Repository files navigation

admincrashboard

Intended Vulnerabilities

About

Topics

Resources

License

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages