Latex converter
As the challenege description says, textual can convert Latex syntax to normal HTML form.
That’s great, but how do we get the flag? A quick google tells us there are a few ways to abuse Latex converters. Looking at challenge files we know there is a file called flag.tex somewhere in the challenge directory:
Getting the flag is as easy as including this file in our code:
Arbitrary file read
We can also make Latex read files from the system for us with \lstinputlisting{<FILE>}. Below are just a few examples:
