Challenge Tokyo

Challenge Tokyo

Scrape the NGINX server for explore public files and expose the secret flag.

  1. Search all urls in the server and found suspicious files
  2. See all suspicious files by found the secret flag

Tools

  • Hacker mindset
  • DirBuster (optional)

Tips

Remember that you can explore the different URLs used in the page code to scan for vulnerable directories.

Usage

Run container

   docker run -it --name tokyo -p 9999:9999 ghcr.io/platzi/ctf-tokyo:main

Show logs of container

   docker logs --follow tokyo

Stop container

   [Ctrl]+[C]
// or in other tab
docker stop tokyo

Remove container

   docker container rm tokyo

Remove image

   docker rmi ghcr.io/platzi/ctf-tokyo:main