Avatar

Labs / FiPloit

  • Easy
  • Released 01 Jun 2025

FiPloit

Start the machine, hack the system, and find the hidden flags to complete this challenge and earn points!

2
Flags
20
Points
Easy
Free Access
Start Lab Environment

Launch your dedicated AWS machine to begin hacking

~1-2 min setup
AWS dedicated
Private instance
Industry standard
Easy

FiSploit at Hackerdna

Unlock hidden privileges in a PHP-powered environment.

FiSploit is an easy-level CTF challenge designed for those looking to sharpen their skills in web exploitation and privilege escalation. This machine features a vulnerable website and a misconfigured privilege escalation path, making it the perfect playground.

Challenge Overview

  • Web Application: The target hosts a custom portal with an vulnerable feature under development. Server-side validation is minimal, making it susceptible to common bypass techniques.
  • Initial Foothold: Exploit the vulnerability to gain a low-privilege shell on the system.
  • Privilege Escalation: Discover a misconfigured permission. Leverage this to escalate your privileges and capture the flag!
Difficulty: Easy
Categories: Web Exploitation, Privilege Escalation

FiSploit is a hands-on challenge that highlights essential web and Linux privilege escalation techniques. Can you find your way from upload to root?