Command Injection

Chain OS commands through a web interface

/start injection

106

Total Solves

32m 26s

Avg Solve Time

First Blood Claimed

1m 40s

Record Time

// FIRST BLOOD

「 ✦ Rimuru ✦ 」 🩸

cracked in 7m 21s

// TOP 10 FASTEST

#1 Tarun 1m 40s

#2 User 0755 2m 1s

#3 pablo_bbx 2m 11s

#4 Tangen 2m 38s

#5 simmmss 2m 43s

#6 Kael 2m 52s

#7 GhostProtocol 3m 2s

#8 Cirzoke 3m 31s

#9 TRG 3m 52s

#10 rustplayer444 4m 12s

// RELATED · Intermediate TIER

Database Bypass

WEB+SSH Bypass authentication with SQL injection

★★☆☆☆

Malicious Upload

WEB+SSH Upload a web shell past file filters

★★☆☆☆

XML Attack

WEB Read server files through XML entity injection

★★☆☆☆

Path Traversal

WEB+SSH Traverse directories to read sensitive files

★★☆☆☆

Script Kiddie

WEB+SSH Inject JavaScript to steal credentials

★★☆☆☆

Vault Cracker

WEB+SSH Decode layered encoding to crack a vault

★★☆☆☆

Spawn this box.
Capture the flag.

Join the Discord and type /start injection to spin up your own container.

join discord → sign in with discord

Command Injection

// FIRST BLOOD

// TOP 10 FASTEST

// RELATED · Intermediate TIER

Spawn this box.Capture the flag.

Spawn this box.
Capture the flag.