Include
Challenge details

Solution
Clicking on the link redirected us to a new tab. The content was pretty straight forward. Since the author mentioned that it's not a phishing link, I decided to click on it :)

New content was shown. The file
parameter in the URL address bar immediately caught my attention. It's a classic LFI vulnerability for sure. The location of the flag was mentioned in the description. Let's include that as our parameter value.

And we got the flag.

Flag
GCTF2023{LFI_1nclud3_1s_d4ng3rous}
Last updated
Was this helpful?