The website has not been migrated to the new cloud environment yet. But the IT team did already migrate all the files.

One of the migrated files is the logo of this website. Because everyone has to be able to see the logo, the IT team decided to make the storage container (where the file is saved) publicly available.

What they forgot is that they host ALL their files in this storage container, meaning all the files are now accessible for anyone to see. To list all the files, we first need to get the URL of the logo on the website. After getting the URL, we can remove the name of the image. This is the URL for the Azure container which it is hosted on. An attacker can use tools (like Azure Storage explorer) to list all files that are in the container using this URL.

One of the files that is now publicly accessible is a PEM file. This file contains a public key, private key and some other information. The name of the file is SECURA{C3RT1F1C3T3}, so this is the first flag!

Submit flag