Title : Convert to uppercase
The goal of this website is to convert strings from lowercase to uppercase, as we can see below.
When we try to convert some text, nothing happened. Strange for a website that should convert to uppercase. So, in order to check why it doesn’t work, I looked at the source code.
In the source code, we clearly see that there is some limitations to the conversion. We could only convert what is inside <h1-6></h1-6>. After putting a <h1>string</h1>, I saw that the conversion was OK. So, now how to find a vulnerability with that?
I tried some XSS, which worked perfectly, but the vulnerability wasn’t there. So, where could it be?!
After a few minutes, I remembered an article that I’ve read long time ago about a vulnerability in bbCode. This flaw was using the regex e modifier. This modifier is like magic! It litterally takes the value from the regex to execute it! Yep. Like magic. So, now, we just have to try it by listing the directory for example.
Amazing, I now have all files listed just in front of me! And, in these files… Oh yes ! t0ken.php. We just have to load it…
And here comes the flag !