Limited Options
MediumSecure Coding
Overview
Visit /challenge/ to access a machine containing the source code of an application located in the src directory. Your task is to fix the code to retrieve the flag. Make sure to read the rules before you begin.
Flag format: flag{}
Lab Details
Prerequisites & Requirements
- Intermediate knowledge of JavaScript and how Node.js applications work
- Familiarity with Express.js routing, middleware, and request/response objects
- Understanding of query parameters, URL parsing, and Content-Disposition headers
- Basic knowledge of directory traversal attacks and common mitigations like path.basename()
- Ability to read and understand framework documentation to discover hidden behaviors
What will you learn?
- How to analyze Express.js applications for security flaws by tracing data flow
- How Express.js automatically parses query parameters into objects and exploitation techniques
- Deep dive into res.download() method and security implications of the root option
- Techniques to circumvent path.basename() and path.normalize() through unexpected input types
- How reading official documentation can reveal exploitable edge cases
Tools
- BurpSuite for intercepting and modifying HTTP requests
- Browser DevTools for analyzing network requests and testing payloads
- Node.js REPL for testing Express.js behavior locally
Job Positions
Bug Bounty Hunter
Tags
Server MisconfigurationLogic FlawSource Code ReviewPrototype PollutionDirectory Traversal