CTF Team at the University of British Columbia

[RedPwnCTF 2020] Viper

02 Jul 2020 by Vie

TL;DR

  1. Steal admin CSRF token from /analytics
  2. Poison the Redis cache with a viper page that fires a request to admin/create to modify the viper page
  3. Report viper page to admin
  4. Revisit the viper page after the admin has visited it to get the flag

The full challenge writeup can be found here.