🐀🐀 0 pts earned

Axiom

The SolarGate incident team flagged unusual activity on prod-web-01. A file-upload vulnerability gave an attacker a foothold as www-data, and the logs show things escalated from there. Your job: step into the analyst's seat, reconstruct what happened, and finish the job the attacker started.

🩸 First user blood: teammyinside 🩸 First root blood: teammyinside
Machine online
Target IP Log in to reveal
User Flag Pending
Root Flag Pending

Community

Community Hints

Grade A · 1000 pts Grade B · 700 pts Grade C · 400 pts Grade D · 200 pts + 150 credits on accept

Short, stage-specific nudges — directional, spoiler-light, no exact commands.

Foothold

Evaluate file upload validation logic nasim · B · 26 Jun 2026

Community

Community Walkthroughs

Grade A · 2500 pts Grade B · 1750 pts Grade C · 1000 pts Grade D · 500 pts + 300 credits on accept

🔒 Community walkthroughs are spoilers — capture the root flag on this machine to unlock them.