Photo Album
The source code shows an extension whitelist:
The extension whitelist is however only on the extension, not the mime-type.
Creating a tarfile with a symlink inside allows get-requests to the flag.
voila:
The source code shows an extension whitelist:
The extension whitelist is however only on the extension, not the mime-type.
Creating a tarfile with a symlink inside allows get-requests to the flag.
voila: