Skip to content

mitre-cyber-academy/2018-Web-200b

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
app
app
 
 
bin
bin
 
 
config
config
 
 
db
db
 
 
docker
docker
 
 
lib
lib
 
 
log
log
 
 
public
public
 
 
test
test
 
 
tmp
tmp
 
 
vendor
vendor
 
 
.gitignore
.gitignore
 
 
.ruby-version
.ruby-version
 
 
Dockerfile
Dockerfile
 
 
Gemfile
Gemfile
 
 
Gemfile.lock
Gemfile.lock
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Rakefile
Rakefile
 
 
config.ru
config.ru
 
 
docker-compose.yml
docker-compose.yml
 
 
package.json
package.json
 
 

Repository files navigation

Search History

Some websites store users searches in the database so that links to those searches are accessible later. This application emulates that functionality.

How to Solve

  1. Navigate to the homepage of the application and perform a search with the network tab open.
  2. Inspect the result. In the response body you will see a /searches/#num. This number increases every time you search.
  3. Browse directly to <url>/searches/1 and you will see the results from that search but you will not see the actual query run.
  4. Realize that the app is using json for some of its endpoints and browse directly to <url>/searches/1.json which will give you the actual query run, which in this case also contains the flag.

Flag

MCA{just_browsin'_my_search_history}

About

No description, website, or topics provided.

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

4 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages