Video write-up about the Real World CTF challenge "flaglab" that involved exploiting a gitlab 1day. Actually two CVEs are combined to achieve full remote code execution.
This short php code contains a critical vulnerability. In this video I will explain in detail what I think while analysing it.
At first I was not able to solve the mindreader challenge, even though it was supposed to be easy. I have a critical look at my approach and figured out two major mistakes I made.
This was considered a hard challenge. After finding and analysing the source code we found a GQL injection. Unfortunately there is a system in place that will ban you for too many requests. So we use a modified binary search algorithm to finish in time.
Leaking data through a search cross origin, by abusing a behaviour of Chrome regarding iframed pages that trigger errors.
