pdfy htb writeup upd

A web application that converts provided URLs into PDF documents. Vulnerability: Insecure URL handling during PDF generation.

The system will bypass front-end controls, hit your server, follow the 302 redirect, load the target internal file, and embed its contents right into the generated document.

3. Read the Flag

When analyzing applications with this functionality, the target component is usually the rendering engine itself.

Because PDF generators often execute underlying system commands to create the PDF, injecting command characters like backticks (`) or pipes (|) can lead to Remote Code Execution (RCE).

subdomain and the use of the "recyclops" bot to read local files (LFI).
Privilege Escalation: Detail the exploit for CVE-2021-3560 (Polkit) to gain root access.

2. HTB "PDFy" Web Challenge

<img src="file:///etc/passwd">

2. Trigger the SSRF

Alternatively, get a root shell: