53 words
1 minute
SCSC2026 Quals - Digger - Web Exploitation Writeup
2026-02-17
Writeup
CTF
/
Security
/
Web Exploitation

Category: Web Exploitation

URL: https://ctf.sriwijayasecuritysociety.com/

Flag: SCSC26{d4g_d1g_dug_d4n9du7}

Challenge Description#

The challenge name “Digger” is a hint to use DNS digging tools like dig to enumerate records.

Analysis#

DNS-based CTF challenges commonly hide flags in:

  • TXT records

  • MX records

  • subdomains

  • zone transfer misconfigurations (AXFR)

Exploitation#

Query TXT records for the domain:

dig TXT sriwijayasecuritysociety.com

The TXT record response contained the flag:

;; ANSWER SECTION:
sriwijayasecuritysociety.com. 300 IN TXT "SCSC26{d4g_d1g_dug_d4n9du7}"
SCSC2026 Quals - Digger - Web Exploitation Writeup
https://fuwari.vercel.app/posts/24/scsc2026-quals-digger-web-exploitation-writeup/
Author
Light
Published at
2026-02-17
License
CC BY-NC-SA 4.0
SCSC2026 Quals - Network Looking Glass - Web Exploitation Writeup
SCSC2026 Quals - Pedeef - Forensics Writeup
© 2026 Light. All Rights Reserved. / RSS / Sitemap
Powered by Astro & Fuwari