Out-Of-Band RCE: CTF Walkthrough

So, this is my writeup on how I was able to achieve my first Remote Code Execution. Also after reviewing the code I was able to understand more about malicious code execution via OS functions. Finally, I was able to capture the flag and get the Hall of Fame, Check.

Out of Band(OOB) Command Injection is performed by sending a DNS request to a server, which occurs when input data is interpreted as an operating system command. By this, an attacker can execute arbitrary commands on the system and gain unauthorized access.

Continue reading “Out-Of-Band RCE: CTF Walkthrough”