Course
In this challenge, you will explore how DOMPDF can be exploited to achieve code execution, based on an advisory about DOMPDF's vulnerability to URI validation failure during SVG parsing. You will need to automate and brute-force the process to find the necessary gadget for this exploitation.
Skills covered
Injection
Operating System
Network
Ready to practice?
Get access to this lab and 600+ hands-on exercises with a PRO subscription.
