← All Challenges
Challenge 32 of 66

Shell Shock

🟠 Hard Injection +100 XP

A web tool runs ping on user-supplied input. The input is not sanitized. Inject an OS command to read /etc/flag.

Shell Shock // sandbox
Try appending ; or | followed by a command like cat /etc/flag.

🏆 Challenge Complete!

+100 XP earned
Next Challenge →
← Prev Next →