webProeasy

SWE Intern at Girly Pop Inc — Writeup

scarlet

Task: Flask web application JWT Studio with file viewing endpoint. Solution: Exploited LFI via path traversal in the page parameter to read README.md containing the flag.

$ ls tags/ techniques/
🔒

Permission denied (requires tier.pro)

Sign in to access full writeups

Sign in with GitHub to continue. No email required.

$sign in

$ grep --similar

Similar writeups