Corridor

Insecure Direct Object Reference - IDOR

Writeup

Only port 80 was open
No directory listing
No Subdomains
Had several doors, which all had separate md5 hashes as the profile
Decrypting those hashes gave us a sequential order of 1 2 3 4 etc
Tried accessing the md5[0] hash -> Revealed the flag

PreviousSurfer NextMustacchio

Last updated 1 year ago