Add SolutionHEADmaster

1 files changed, 14 insertions, 0 deletions

diff --git a/solve/notes b/solve/notes
new file mode 100644
index 0000000..dd7661c
--- /dev/null
+++ b/solve/notes
@@ -0,0 +1,14 @@
+Literally RCE as a service with training wheels.
+
+Get to dynamically dispatch a C# function from JSON descripiton.
+
+Even the type string is returned to you in the service exception output.
+
+Once you have code execution its a matter of making the flag accessible
+through another endpoint, since the program expects an Image return type,
+but GetUser returns a String, so an exception is thrown, preventing
+you from getting the output directly in the HTTP response.
+
+We move the flag to wwwroot/js/flag.js. Need the extension, since
+otherwise the strict web router will not allow us to download it.
+