I am running this verybad service to see how can people attack this and extract information.

Give it a go and let me know what all can you find :)

Happy hacking!!

Β· Β· Web Β· 1 Β· 0 Β· 0

@akshay I don’t know what all damage you can do in this, the best is if you can get a shell or RCE.

@kushal Well, I gave up :/

Basically all of /proc is readable. With that I could see what all things are actually available. can probably run files even without executable bit? But rocket limits Vec<u8> to 8 KiB and so I couldn't post anything useful in.

@kushal It's probably possible to override some of that by memory manipulation - but I have no clue how to do any of that.

Sign in to participate in the conversation

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!