Leak the contents of /etc/passwd to retrieve the hidden flag. Primary Vulnerability: SSRF via the wkhtmltopdf tool. 1. Initial Enumeration
The resulting PDF will contain the contents of /etc/passwd . And just like that, the flag is right there, completing the challenge. pdfy htb writeup upd
PDFy is an on Hack The Box (HTB) that centers on exploiting a Server-Side Request Forgery (SSRF) vulnerability in a web-to-PDF conversion service. The goal is to exfiltrate the contents of the /etc/passwd file from the server to retrieve the flag. Challenge Overview Difficulty: Easy Category: Web Primary Objective: Leak the /etc/passwd file. Core Vulnerability: SSRF via a PDF generation library. Walkthrough & Exploitation Steps Leak the contents of /etc/passwd to retrieve the hidden flag
Create a malicious .tex file: