Hack.LU 2014 :: Web 150 :: Hidden in Plain Sight

Posted by and filed under Hack.LU 2014.

For this challenge, we are given the service code to review and find the vulnerability. We locate the function that is generating the sha256 hash: At first glance, this is random and there is no chance we are going to guess it. But on closer inspection, the 3rd line has something strange about the… Read more »