Sdctf 2021

GETS Request

Solved By : thewhiteh4t

  • The challenge hints at memory issues
  • we can enter an integer and the web app sends a reply
  • there are few checks which the web app makes:
if(!req.query.n) {
    res.status(400).send('Missing required parameter n');
  • so n cannot be blank
const BUFFER_SIZE = 8;

if(req.query.n.length > BUFFER_SIZE) {
    res.status(400).send('Requested n too large!');
  • so max length of n can be 8
  • the web app does not check for duplicate parameters, so we can send another n along with the first

Published on : 10 May 2021