$ cat writeup.md…
$ cat writeup.md…
hackadvisor
Task: EdgeRelay CDN platform has a Connection Tester that forwards raw HTTP requests to internal API; /internal/* endpoints are blocked by security filter using Content-Length validation. Solution: CL-TE HTTP request smuggling — send both Content-Length and Transfer-Encoding headers to desync proxy and backend, smuggling a GET /internal/config request inside a legitimate POST body to retrieve the master_api_key flag.
Permission denied (requires tier.pro)
Sign in with GitHub, Discord, or Google to continue. No email required.
$sign in$ grep --similar