❓ Help & Documentation
How it works
NetWatch executes system commands on the server to perform network diagnostics:
- Ping Tool: Runs `ping -c 2 [host]`. Your input is appended directly to the command.
- DNS Lookup: Runs `nslookup [domain]`.
- Config Reader: API at `/api/config?file=[path]`. Reads any file on the system.
Challenge Objective
The flag is stored in /flag.txt on the server. Your goal is to read it.
Hints
- Hint 1: The ping tool takes your input and passes it directly to the system shell. What happens if you add extra commands after the hostname?
- Hint 2: In a shell, the semicolon `;` separates multiple commands. For example: `echo hello; echo world`
- Hint 3: Try typing `127.0.0.1; cat /flag.txt` in the ping tool.
- Hint 4: Alternatively, the Config Reader API at `/api/config?file=/flag.txt` can read any file directly!
Learning Resources
This challenge teaches about:
- Command Injection (CWE-78): When user input is passed to system commands without sanitization
- Arbitrary File Read (CWE-22): When an API reads files based on user-supplied paths without restriction
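As an added example (not part of the NetWatch challenge or its code base), the Python below shows how the two endpoints described under "How it works" look once the two weaknesses above are fixed: the ping tool validates the host and runs `ping` with an argument list instead of a shell string, so `;` and friends can never start a second command, and the config reader confines every request to one directory, so `/flag.txt` and `../` paths are refused before `open()` is reached. Python as the implementation language, the function names and the `/srv/netwatch/config` directory are assumptions; the challenge does not say what NetWatch is written in.

```python
"""Hardened versions of the NetWatch ping tool and config reader.

Added example, not the challenge's own code. It assumes Python 3.9+ (for
Path.is_relative_to and list[str] annotations).
"""
import ipaddress
import re
import subprocess
from pathlib import Path

# RFC 1123 hostname label: letters, digits and hyphens, no leading or
# trailing hyphen, at most 63 characters.
_LABEL = re.compile(r"[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?")


def validate_host(host: str) -> str:
    """Return host if it is an IP literal or a syntactically valid hostname.

    Anything else (shell metacharacters, spaces, a leading '-' that ping
    would parse as an option) raises ValueError before a command is built.
    """
    try:
        ipaddress.ip_address(host)  # accepts IPv4 and IPv6 literals
        return host
    except ValueError:
        pass
    if not host or len(host) > 253:
        raise ValueError(f"invalid host: {host!r}")
    labels = host.rstrip(".").split(".")
    if not all(_LABEL.fullmatch(label) for label in labels):
        raise ValueError(f"invalid host: {host!r}")
    return host


def build_ping_command(host: str) -> list[str]:
    """Build argv for 'ping -c 2 <host>' as a list, never as a shell string."""
    return ["ping", "-c", "2", validate_host(host)]


def run_ping(host: str, timeout: float = 10.0) -> str:
    """Run ping without a shell (shell=False is the default for a list argv).

    With no shell in the path, ';', '|' or '&&' in the input would be part of
    the (already rejected) hostname, not the start of another command.
    """
    result = subprocess.run(build_ping_command(host), capture_output=True,
                            text=True, timeout=timeout, check=False)
    return result.stdout + result.stderr


def resolve_config_path(root: str, requested: str) -> str:
    """Map a user-supplied file name onto a single allowed directory.

    Absolute paths, '..' segments and symlinks pointing outside `root` all
    resolve to something that is not under `root` and are rejected.
    """
    base = Path(root).resolve()
    # pathlib discards `base` when `requested` is absolute, so "/flag.txt"
    # resolves to "/flag.txt" and fails the containment check below.
    candidate = (base / requested).resolve()
    if candidate == base or not candidate.is_relative_to(base):
        raise ValueError(f"file not permitted: {requested!r}")
    return str(candidate)


def read_config(root: str, requested: str) -> str:
    """Fixed /api/config handler body: read only from the allowed directory."""
    with open(resolve_config_path(root, requested), encoding="utf-8") as fh:
        return fh.read()


if __name__ == "__main__":
    # Assumed directory for the demo; adjust to wherever configs really live.
    config_root = "/srv/netwatch/config"
    for host in ("127.0.0.1", "example.com", "127.0.0.1; cat /flag.txt"):
        try:
            print(host, "->", build_ping_command(host))
        except ValueError as exc:
            print(host, "-> rejected:", exc)
    for name in ("app.conf", "/flag.txt", "../../flag.txt"):
        try:
            print(name, "->", resolve_config_path(config_root, name))
        except ValueError as exc:
            print(name, "-> rejected:", exc)
```

Two design points are worth noting. Validation and the argv list are independent defences: the list form alone already prevents a second command from running, and the validator additionally stops inputs such as `-c` from being interpreted as `ping` options. The config reader resolves the candidate path (following symlinks) before comparing it with the allowed root, so a symlink planted inside the directory cannot be used to reach outside it either.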