Not even any of this should be trusted so please perform the due diligence before running this app in your environment.

The app is intended to be run as a docker container, but could be run on a testing debian-based linux server too.

You need to have docker installed. It is a containerized app, so it needs to be run as such. DO NOT exec into the container using docker commands and work with it as if it was a server. Cheating won't be punnished but the fun will be gone. Check how to run the app container section bellow.

There are two flags on the server (container) that need to be found and captured.
Hint - have you ever thought that a file upload could be unsafe?

If you were really stuck, there is the solution directory.
It holds two base64 encoded files with suggested solutions. Decode only the part1 first.

Welcome to the finest Zipper App out there! You have a file that you need to zip? We have you covered, try it out!

Hint: Start by checking your localhost:5000 upon running the container.

1. Perform your due diligence on the app, I mean it
2. Clone this repository
3. In the root of the project, run docker build -t dvfza .
4. Run the app by docker run -p 0.0.0.0:5000:5000 -p 0.0.0.0:2222:2222 dvfza

Have fun.

Feel free to open pull requests.