Team: @face0xff, nardor, rac, y0mmm Editorial Work -- Baby We try a command injection thinking a curl might be used, it happens to work http://192.168.125.100:9005/; id returns SSH-2.0-OpenSSH_7.6p1 Ubuntu-4ubuntu0.7 Protocol mismatch. uid=1001(flask-py) gid=1001(flask-py) groups=1001(flask-py)

Oracle Challenge overview A web page /login with a password input field. Whatever the provided password is we go through the same events: Some adventurer destined message. Note that the field asks for a Guess and not a login from now on. After one guess try, we get the same form but with a hint on what's expected