CTF Web Exploitation Writeup
Challenge: headless-web

This writeup covers exploitation of a vulnerable web application deployed as a CTF challenge. The target exposed three weaknesses:

- insecure file upload
- weak session management
- arbitrary command injection

1. Recon

Start by enumerating endpoints and comparing their behaviour under authenticated and unauthenticated sessions; routes that answer identically in both cases are not enforcing a session check.

2. Exploitation

The upload endpoint /upload accepted files without any MIME type or extension filtering and stored them under the client-supplied name. Uploading a PHP webshell and then requesting it gave remote command execution. This exploitation path uses only the upload flaw; the other two weaknesses were not needed for it.

3. Fix

- validate uploads strictly: allowlist the extensions the application actually needs, check that the content matches the declared type, store the file under a server-generated name, and serve uploads from a location where scripts are not executed
- enforce strong session cookie attributes (HttpOnly, Secure, and SameSite)
- remove the command injection by not passing user input to a shell; Web Application Firewall rules for command injection are a compensating control at best, not a fix

Post-mortem

This demonstrates how a missing validation step (an unrestricted file upload) combined with a permissive server configuration (PHP executing from the upload directory) leads directly to RCE in a common web stack.