Thailand Cyber Top Talent 2022 – CTF THAILAND
Writeup!! Web-challenge02

1st step : survey target website and guessing how to find flag?
first page have form for upload file… Ok let’s check!!

2nd step : After test uploaded file then show path upload.

3 : Path Upload can list directory and files.I saw PHP file (Interesting).

4 : Let fun with backdoor php file 🙂 use command ls and ls to find flag

Final : Yessssss!!! I found it.

flag : tctt2022{Vuln_F!l3_IpL0@d}