$ cat writeup.md…
$ cat writeup.md…
duckerz
Task: SVG animation web app with file upload. Solution: XXE injection in SVG parser to read /app/flag.txt via SYSTEM entity.
Permission denied (requires tier.pro)
Sign in with GitHub, Discord, or Google to continue. No email required.
$sign in$ grep --similar