For this year's Google CTF, I prepared a challenge that is based on a real-world vulnerability. The challenge wasn't solved by any team during the competition, so here is the proof that the challenge was in fact solvable! :)
- Link to the challenge: https://capturetheflag.withgoogle.com/challenges/web-security-driven
- Link to the PoC: https://github.com/google/google-ctf/tree/master/2021/quals/web-security-driven/solution
The goal of the challenge was to send a malicious file to the admin and leak their file with a flag. The ID of the file was embedded into the challenge description (/file?id=133711377731) and only the admin had access to it, because the file was private.
Disclaimer: The write-up is written on an airplane, therefore its quality is poor; it is mostly meant to showcase the steps required to solve the challenge.