Accessed me ?
EasyDigital Forensics
Overview
We have discovered a vulnerability in our system that may allow users to access other users' data. We need to ensure that no users have exploited this issue. Could you please assist us by providing the usernames of any users who have exploited it? If multiple users are identified, please separate their usernames with | and arrange them in chronological order by timestamp, from oldest to newest.
Flag Fromat : Flag{username_one|username_two|......|.....}
Lab Details
Prerequisites & Requirements
- Basic understanding of web application authentication mechanisms
- Familiarity with HTTP requests and responses
- Knowledge of JWT (JSON Web Tokens) structure
- Understanding of REST API endpoints
- Basic Python programming skills
- Experience with log file analysis
What will you learn?
- How to analyze Apache-style web server logs
- Understanding IDOR (Insecure Direct Object Reference) vulnerabilities
- JWT token structure and decoding techniques
- Log parsing with regular expressions in Python
- Identifying unauthorized access patterns in logs
- Chronological data sorting and analysis
Tools
- Python 3 - For scripting and log analysis
- Text Editor/IDE - For examining log files and writing scripts
- jwt.io - Online JWT decoder and debugger (https://www.jwt.io/)
- Base64 decoder - Built-in Python base64 library
Job Positions
Soc Analyst
Tags
Timeline AnalysisIncident ResponseWeb LogsOs ArtifactsWeb Forensics