Access the site at https://cfta-wm05.allyourbases.co, then find and read the contents of the flag file, to get the flag.
The `&&ls` command to list the current directory works and shows us that there is a file called `lambda_function.py` that likely contains the logic of the AWS Lambda function. However, trying to use `cat` to display the file by running `cat lambda_function.py` doesn't work and instead returns `Error: Invalid Character Detected`. Bash brace expansion lets us run the same command without a space: `&&{cat,lambda_function.py}`. This successfully leaks the server logic, which we saved to `lambda_function.py`.

We then send `&&{ls,-a}` as the `path` argument in the JSON request to print all files, including hidden files, in the current directory. There is a folder called `...`. We use `&&{ls,-a,...}` to list the contents of the `...` folder, which contains a file named `.flag.txt`. Finally, we send `&&cat<.../.flag.txt` to get the flag.

`bh%3kx9j75%3k2*7!n`
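Why the character filter above did not stop the injection, shown as an added example (this is not the challenge's `lambda_function.py`, which the page does not reproduce). It assumes a filter that rejects only the space character and a handler that lists the directory named by `path`; `BLOCKED_CHARS`, `list_directory_safely` and the sample tree are hypothetical.

```python
import os
import re
import tempfile

# Payloads quoted on this page; each one avoids the space character.
PAGE_PAYLOADS = ["&&{cat,lambda_function.py}", "&&{ls,-a}",
                 "&&{ls,-a,...}", "&&cat<.../.flag.txt"]

# ASSUMPTION: the page only shows that a space is rejected; the real
# filter is not shown. A blocklist rejects only known-bad characters.
BLOCKED_CHARS = {" "}

def blocklist_allows(path):
    return not any(ch in BLOCKED_CHARS for ch in path)

# Allow-list: each path component must be a plain, non-hidden name.
SAFE_NAME = re.compile(r"[A-Za-z0-9_][A-Za-z0-9_.-]*")

def list_directory_safely(base_dir, path):
    """Hardened listing: allow-list, containment check, and no shell
    (os.listdir gives metacharacters such as && { } < no meaning)."""
    parts = [p for p in path.split("/") if p]
    if not all(SAFE_NAME.fullmatch(p) for p in parts):
        raise ValueError("disallowed characters in path")
    base = os.path.realpath(base_dir)
    target = os.path.realpath(os.path.join(base, *parts))
    if os.path.commonpath([base, target]) != base:
        raise ValueError("path escapes base directory")
    return sorted(n for n in os.listdir(target) if not n.startswith("."))

def is_rejected(base_dir, path):
    try:
        list_directory_safely(base_dir, path)
    except ValueError:
        return True
    return False

def run_demo():
    """Build a constructed sample tree and compare both checks."""
    with tempfile.TemporaryDirectory() as base:
        os.mkdir(os.path.join(base, "docs"))
        open(os.path.join(base, "docs", "readme.txt"), "w").close()
        return {
            "blocklist_passes": [blocklist_allows(p) for p in PAGE_PAYLOADS],
            "allowlist_rejects": [is_rejected(base, p) for p in PAGE_PAYLOADS],
            "legit_listing": list_directory_safely(base, "docs"),
        }

if __name__ == "__main__":
    print(run_demo())
```

Every payload from the page passes the space-only blocklist, while the allow-list version rejects all of them and still serves the legitimate `docs` listing.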