SignupHide Sidebar
Username: 
Password: 
Restrict session to IP 
Statistics
46 Sites
188 Challs
9165 Posts
68864 Users
45 donations
1 Shop
46 Active Sites
World of Wargame
WeChall
TheBlackSheep
Rankk
Electrica
NewbieContest
BrainQuest
Net-Force
HackThisSite
elhacker.net
TryThis0ne
TDHack
+Ma's Reversing
Hacker.org
HackBBS
Root-Me
SPOJ
Revolution Elite
W3Challs
Gekkó
Webhacking.kr
Reversing.Kr
SuNiNaTaS
Hacking-Challenges
OverTheWire.org
RedTigers Hackit
Defend the Web
Mod-X
Omega Project
ae27ff
pwnable.kr
RingZer0 Team Online CTF
pwnable.tw
Hack The Box
try to decrypt
MysteryTwister
LordofSQLi
Énigmes À Thématiques
247CTF
CryptoHack
PyDéfis
PromptRiddle
PWN.TN
pwn.college
HackMyVM
Hack The Web
Top 10 Players
dloser
benito255
jusb3
Caesum
tehron
phoenix1204
lordOric
Xaav
thefinder
Akorlith
Last 20 Activities
atalpandey7
sonarypt
faust
gizmore
cameudis
vishwakse_n
zaido21
redscare
Domitille
vishwakse_n
cheerfulbull
lord1c3
meerkat96
adholmes1
njasi
oschall6501
adholmes1
ktmurph
l20055780
popoyethesailor
Online within 1d
58 Users
tinel
tutolmin
sonarypt
livinskull
lxf42
mdanish
dk420
quangntenemy
nowsh
MagicToast
meerkat96
Phenyl316
colinz
gizmore
criple_ripper
noother
zaido21
redscare
Domitille
cheerfulbull
more
WeChall->Challenges->Challenge: Fineprint

Hint?  Go to the Fineprint challenge

Challenge broken?
Global Rank: 13515
Totalscore: 206
Posts: 1
Thanks: 1
UpVotes: 2
Registered: 52d 20h
Last Seen: 45d 5h
The User is Offline
Hint?
Jan 03, 2025 - 16:13:35 (48d 23h) Google/translate1Thank You!2Good Post!0Bad Post! link
Hi folks,

Could someone give me a hint or let me know if I’m heading in the right direction to solve this challenge?

First, I tried several attempts to input code into the HTML text area that could render secret.php into a converted PDF document. Unfortunately, it didn’t work.

Next, I looked into vulnerabilities in the DOMPDF library. I discovered one critical vulnerability that could be exploited through a malicious CSS file and font, but it didn’t seem like a viable approach.

I also found some other vulnerabilities for DOMPDF, but I wasn’t able to exploit them.

Any help would be greatly appreciated!

Thank you.
Global Rank: 228
Totalscore: 94565
Posts: 1695
Thanks: 1365
UpVotes: 929
Registered: 17y 7d




Last Seen: 2h 3m
The User is Offline
Send EMail to gizmore
RE: Hint?
Jan 24, 2025 - 13:06:59 (28d 2h) Google/translate0Thank You!0Good Post!0Bad Post! link
It's much easier.
But if you find real interesting vulns maybe share it with the vendor!

- giz
The geeks shall inherit the properties and methods of object earth.
tunelko, silenttrack, n0tHappy, nonfungiblesecurity, quangntenemy, TheHiveMind, Z, balicocat, Ge0, samuraiblanco, arraez, jcquinterov, hophuocthinh, alfamen2, burhanudinn123, Ben_Dover, stephanduran89, braddie0, SwolloW, dangarbri, csuquvq have subscribed to this thread and receive emails on new posts.
1 people are watching the thread at the moment.
This thread has been viewed 275 times.