Solution to SECCON 2017 Log Search
name:
Log search
category:
web
points:
100
Writeup
We go a link to an empty site with the words “Find the flag!”.
Looking at the source we found a link to another page.
That was a search page for accesses to the webpage. Searching for flag gave us this url: http://logsearch.pwn.seccon.jp/flag-b5SFKDJicSJdf6R5Dvaf2Tx5r4jWzJTX.txt
flag was SECCON{N0SQL_1njection_for_Elasticsearch!}