Enter your search text in the box above

Select a result to preview

Infinity Shell

Challenge 25: Cipher’s legion of bots has exploited a known vulnerability in our web application, leaving behind a dangerous web shell implant. Investigate the breach and trace the attacker's footsteps!

Solution

  1. Since we know this is a webshell. So it is better to start from server logs.
    Pasted image 20250320203604.png|500

  2. Check both error and access logs.

  3. By intuition I figured image.php seems a better starting point, so I searched the endpoint and found several base64 encoded texts.
    Pasted image 20250320204325.png|600

  4. On decoding that text we found the solution to this challenge.
    Pasted image 20250320204515.png|600