 This last challenge in the advanced category from Ryan Nicholson's captured flag competition is called input validation for 50 points. It says abuse the ping tool HTML page on the web server to find the flag within the flag.txt file. So we can navigate to this page, we can just paste in that ping tool and it looks like it is a simple web service that allows us to ping a specific IP address. So it's probably just running the console command to ping a website. It looks like it's loading and it is getting a result and we're just getting the command output. So we can assume that it's trying to run a command. So what's to stop us from, okay, trying to do some command injection, trying some techniques to do other things like run other commands. Like if I run colon or semicolon to note the end of a command and then try and run a new command, like who am I, what do we get returned? A dub dub dub data. So we get return results from that other command. Let's LS and then looks like we've got all the files in the current directory. I don't see a flag in there so I went up a directory and then I can see, okay, there is a flag dot text. Let's go ahead and cat that out cat up a directory flag dot text and simply there is our flag. If we wanted to we can just that looks like it's being passed through a get request. So if you wanted to just run a curl command to retrieve that we can simply cut out that second flag and then redirect all of curls nonsense to dev know. So we have a very, very quick get flag script if we particularly wanted it. I think that's good practice. I think that's good CTF hygiene or whatever. Trying to take notes of what you do here. Let's make that executable and then let's mark this challenge as complete. So nice. That was a pretty simple task. Good thing to just note. Okay, it is running a command. It's trying to give us the command output from that ping tool so we can totally take advantage of that. Hey, I want to give a special shout out and some love to the people that love and support me on Patreon. Thank you guys so much. I'm very, very grateful you willing to help me in this journey and make this YouTube channel better and inspire and motivate me. So $1 a month on Patreon will give you a special shout out at the end of every video just like this. $5 a month on Patreon or more will give you early access to everything that I release on YouTube. Hey, if you did like this video, please do like, press that like button. Maybe leave me a comment and subscribe if you're willing and check us out on Discord. Come and join and hang out with the community of CTO programmers, hackers, and cool stuff. Hope to maybe see some love from Patreon. I don't know. That'd be awesome. All right. See you in a later video, guys.