Discussion on: Hacker101 CTF - Photo Gallery

Ridae HAMDANI

Hi,
I didn't understand how we can know that the application runs on the uwsgi-nginx-flask-docker image?

DaNeil C Author

Hi,
So, I used the hint for this one. As far as I can tell there is no specific way to really determine if the site is using the uwsgi-nginx-flask-docker image or any other software stack, but you can determine that it is using nginx/1.14.0 (Ubuntu) when you navigate to a page that isn't there, like "35.190.155.168/a65bf28b4a.html".
From here it's a good guess that it's probably going to need a SQL UNION command of some kind (the UNION is also in the hints). I took a guess with a UNION statement of 4 UNION SELECT 'uwsgi.ini'-- based on looking up the hint "uwsgi-nginx-flask-docker image". This led me to the "main.py" because Flask uses Python.

Ridae HAMDANI

Thanks for your explanation, waiting for more posts from you about hacking!!