https://mohamed-ahmed-salah.github.io/In a world of 1s and 0s, I am undefined. 2025-02-14T23:12:47+02:00 1of0 https://mohamed-ahmed-salah.github.io/ Jekyll © 2025 1of0 /assets/img/favicons/favicon.ico /assets/img/favicons/favicon-96x96.png 2024-12-19T11:00:00+02:00 2025-02-14T22:42:49+02:00 https://mohamed-ahmed-salah.github.io/posts/Cheese-CTF/ 1of0

In the Cheese CTF, we bypassed the login page using an SQL injection and discovered an endpoint vulnerable to LFI. By chaining PHP filters, we turned the LFI into RCE and gained an initial foothold on the system. After that, we exploited a writable authorized_keys file to pivot to another user. As this new user, we fixed a syntax error in a timer and used sudo privileges to start it, which allo...