Challenge Information Platform: SNHT Category: Misc Overview Heeeeeeelp! Yesterday I ordered the coolest DDC merch and I’m already soooo excited, BUT there are big problems: I haven’t received an email with a tracking ID I entered the wrong shipping details, so I don’t know which postal code I typed in… I tried chatting a bit with their AI chatbot, but it refuses to tell me anything about tracking IDs or postal codes :( ...
Challenge Information Platform: SNHT Category: Web Overview An outdated MinIO cluster is running with a critical security vulnerability. Your goal is to retrieve the flag. GLHF! The IT-Ops Portal is accessible at: http://portal.cfire:8080 Reconnaissance Upon opening the website we are greeted with IT-ops Portal. In the channel we get information about an “env var leak” and also that the current version of the cluster is RELEASE.2022-10-24T18-35-07Z. When clicking the links to the console they both takes you to http://minio.cfire:9001/login login screen. ...