In this short video I show how to solve Prototype Pollution challenges, explaining how to exploit this vulnerability in the TJCTF 2022 task named Fruit Store.
This is not a typical writeup! The priority is to explain in more detail what this vulnerability is and what tools can be used to solve similar tasks.
In this video you can learn what a JavaScript Prototype Chain is and how to use the Insomnia REST Client to prepare an exploit.
#prototypepollution #capturetheflag #javascript
00:00 Intro
00:28 Fruit Store Challenge
02:32 What is Prototype Pollution?
03:45 Playing with the Fruit Store
04:25 Going through the Source Code
05:56 Looking for the Vulnerability
07:42 Preparing the Exploit
09:46 Getting the Flag
Hand Drawn icons created by Freepik - Flaticon
Music:
Goat's Skull - Verified Picasso
El Secreto - Yung Logos