Summary
- The box begins with a Nmap scan of the network to find any open ports and services.
- A total of 22/tcp and 8080/tcp are available.
- A peak at the page shows a cat sticker shop with possible XSS.
- Using this, we craft a simple payload to send a request to the target machine.
- The response gives us a GET request back to our machine.
- We take this and modify it to send a request for the flag.txt file.
- With this, we get a response with the flag.