Academy - Server-side attacks - assesment

did anyone complete the assessment for Server-side attack?
Can’t find the attack point :frowning:

Hi! I have it completed.
Using the given hint try to find encoded strings and utilize one of them.

nice. I’ve found the flag. but the hint didn’t help it.

can you give an advice, where i should find that flag? I tried to decode cookies, but can’t understand where is the attack point :frowning:

Did you mean encoded cookies?

The advice I give you is look closely to the source codes.

Is it concern with button “Delete”?

Can anyone give me a clue on this? I’ve found and decoded the javascript function but can’t find any ways to make this work for me. Or is this a rabbit hole? :crazy_face: :crazy_face: :crazy_face:

1 Like

OK I got it…simpler than I thought :slight_smile:

plx help me

1 Like

Me too. Any hint on running the JS? Nothing comes out on the Module about this.

Do you found the .js script in the source code of the webapp?

Thanks for answering. Didnt read carefully what the functions did. I completed it :slight_smile: