Realtime & historical stock market data APIs
Options, forex, crypto & other asset classes
Over 60 technical & economic indicators
Market news API & sentiment analysis
Seamless MCP support for AI agents
{"cmd":"status","server":"gameserver_1; cat /flag.txt"} Response snippet:
Could you clarify which one you need?
In the meantime, here’s a for a typical GamesHost CTF challenge (e.g., a pwn or web challenge named “gameshost”). If that’s not what you meant, let me know and I’ll adjust. Write-up: GamesHost (CTF Challenge Example) Category: Web / Pwn Difficulty: Medium Points: 350 Challenge Description “The GamesHost portal lets you manage your game servers. But the admin installed a suspicious plugin. Can you get remote code execution?” Reconnaissance The website shows a login panel and a “Server Console” page after logging in as a test user ( test:test ). The console allows sending commands like status , list , and start <server_id> . gameshost
POST /api/console {"cmd":"status","server":"gameserver_1; id"} Response shows uid=33(www-data) gid=33(www-data) . {"cmd":"status","server":"gameserver_1; cat /flag