53 words
1 minutes
SCSC2026 Quals - Digger - Web Exploitation Writeup
Event Archive

SCSC2026 Quals

Posts, writeups, and notes grouped under this event.

Archive/29 posts
Events/SCSC2026 Quals
2026-02-17
Writeup
CTF
/
Security
/
Web Exploitation

Category: Web Exploitation
URL: https://ctf.sriwijayasecuritysociety.com/
Flag: SCSC26{d4g_d1g_dug_d4n9du7}

Challenge Description#

The challenge name “Digger” is a hint to use DNS digging tools like dig to enumerate records.

Analysis#

DNS-based CTF challenges commonly hide flags in:

  • TXT records
  • MX records
  • subdomains
  • zone transfer misconfigurations (AXFR)

Exploitation#

Query TXT records for the domain:

dig TXT sriwijayasecuritysociety.com

The TXT record response contained the flag:

;; ANSWER SECTION:
sriwijayasecuritysociety.com. 300 IN TXT "SCSC26{d4g_d1g_dug_d4n9du7}"
SCSC2026 Quals - Digger - Web Exploitation Writeup
https://blog.rei.my.id/posts/24/scsc2026-quals-digger-web-exploitation-writeup/
Author
Reidho Satria
Published at
2026-02-17
License
CC BY-NC-SA 4.0
© 2026 Reidho Satria. All Rights Reserved. / RSS / Sitemap
Powered by Astro & Fuwari