Description

1
We didn't have time to setup and test a proper jail, so this text editor will have to do for now. Can you break free

We are given a website that when we connect to we get a vim over a ttyd web terminal. This challenge is straightforward and pretty simple we just need to escape the vim prompt in order to get the flag.

If we do some research on how to escape vim we come across this amazing blog post from hacktricks https://book.hacktricks.xyz/linux-hardening/privilege-escalation/escaping-from-limited-bash

What we are interested in is this part right here

Untitled

We can also find it in ****GTFOBins.**

So by typing those two lines we should be able to get a shell and therefore get the flag

1
2
:set shell=/bin/sh
:shell

Let’s try it

Untitled

It worked! We got our flag