Tags: web websockets warmups
Rating:
For this challenge, we get the source code of a Go binary. We notice some chat messages going on and the flag is within the chat history of user 5.
Sending a simple message in the web application:
And intercepting it with Burpsuite, we notice it is using websockets:
In the source code, we notice another command other than !write
. We notice we can query the chat history using !history
. After sending the request to Repeater, we see we need to provide an index from 1 to 7.
Well, what happens if we query outside of that range?
We get the flag: flag{c398112ed498fa2cacc41433a3e3190b}