Api: Difference between revisions
From Pessin randon wiki
Created page with "===Description=== ===Question=== ===Solution=== ===Tools=== ===Flag=== ===Links=== * Back to CTF Challenges page" |
No edit summary |
||
| Line 1: | Line 1: | ||
===Description=== | ===Description=== | ||
We found a nice target where some backed API communication is happeingn behind the scenes at URL. | |||
Sometimes it is possible to extrtact valuable information by tampering some parameters. | |||
Some dictionary attack may be used against index.php script and it seems that a web proxy is best tool for this job. | |||
===Question=== | ===Question=== | ||
Can you reverse engineer messages and extract some information from this endpoint? | |||
===Solution=== | ===Solution=== | ||
Revision as of 13:30, 9 September 2022
Description
We found a nice target where some backed API communication is happeingn behind the scenes at URL.
Sometimes it is possible to extrtact valuable information by tampering some parameters.
Some dictionary attack may be used against index.php script and it seems that a web proxy is best tool for this job.
Question
Can you reverse engineer messages and extract some information from this endpoint?
