UnsecureStorage
Easy | Secure Coding
Overview
Visit /challenge/ to access a machine containing the source code of an application located in the src directory. Your task is to fix the code to retrieve the flag. Make sure to read the rules before you begin.
Lab Details
Prerequisites & Requirements
- Basic knowledge of Node.js and Express
- Understanding of JavaScript objects and prototype manipulation
- Familiarity with path traversal vulnerabilities
- Understanding of web parameter manipulation
What will you learn?
- Exploiting object manipulation vulnerabilities
- Understanding path traversal attacks
- Analyzing JavaScript code for security vulnerabilities
- Understanding prototype pollution in JavaScript
- Chaining multiple vulnerabilities for exploitation
Tools
- Burp Suite or any HTTP proxy
- Browser Developer Tools
- Basic understanding of JavaScript
Job Positions
Bug Bounty Hunter
Tags
Prototype Pollution, Input Validation, Sanitization, Defensive Programming, Secure By Design