solar-energy TLDR; Solr query injection, which lead to file read. On the previous weekend I played nullcon HackIM 2020 CTF. In the end our team managed to take 2nd place. There was couple of interesting challenges and one of them was challenge involving Apache Solr, software which I don’t have too much expirience with. I heavily used Burp and Hackvertor extension, that helped me with URL encoding (these ‘<@urlencode>’ tags in the requests).