blog

HTB CyberApocalypse 2025

More details

MoonBeam Tavern (Web)

We are given a website that simulate a Shell command line. They gave several interesting commands which mirror the actual commands, namely

  • examine as whoami
  • gossip as ls
  • observe as ps

With examine, we know we’re root so that means we have access to the flag. From gossip, we see that the website is a Vite app, and there’s a flag.txt file. Exploiting gossip $(cat flag.txt) gives us the flag. flag

Check out other posts

ssmctf 2025

nahamcon ctf 2025

ictf recurring