C
C
Capture The Flag
Search…
⌃K

Exploitation 4

This challenge requires us to read the /flag.txt file
During our enumeration we found the Elasticsearch Directory Traversal (CVE-2015-5531) vulnerabilities
Description: Directory traversal vulnerability in Elasticsearch before 1.6.1 allows remote attackers to read arbitrary files via unspecified vectors related to snapshot API calls.
We change the path to /flag.txt to read the file. But we got encoded data.
We used some online decoding tools to decode the data from decimal into ascii.
Flag: RC15{J5ekuUdMY7BLZmktYCXzWZhZZ4J3W8pv}