← all labs
Intermediate
WEB+SSH
★★☆☆☆

Malicious Upload

Upload a web shell past file filters

/start upload
60
Total Solves
20m 8s
Avg Solve Time
1
First Blood Claimed
21s
Record Time

// FIRST BLOOD

cracked in 5m 57s

// TOP 10 FASTEST

#1 khan 21s
#2 r 2m 13s
#3 Snaké 2m 58s
#4 Kael 3m 27s
#5 MID 4m 5s
#6 pablo_bbx 5m 0s
#7 F03ever 5m 15s
#8 Manuelitow 5m 32s
#9 NYO 5m 54s
#10 「 ✦ Rimuru ✦ 」 5m 57s

// RELATED · Intermediate TIER

Command Injection
WEB+SSH Chain OS commands through a web interface
★★☆☆☆
Database Bypass
WEB+SSH Bypass authentication with SQL injection
★★☆☆☆
XML Attack
WEB Read server files through XML entity injection
★★☆☆☆
Path Traversal
WEB+SSH Traverse directories to read sensitive files
★★☆☆☆
Script Kiddie
WEB+SSH Inject JavaScript to steal credentials
★★☆☆☆
Vault Cracker
WEB+SSH Decode layered encoding to crack a vault
★★☆☆☆

Spawn this box.
Capture the flag.

Join the Discord and type /start upload to spin up your own container.

join discord → sign in with discord