Tagged "nosql injection"

Squarectf 2020: Deep Web Blog

This is the writeup for the “Deep Web Blog” web challenge from SquareCTF 2020, which was worth 200 points and involved a Blind NoSQL Injection attack.

Challenge statement: A secret informant has tipped us off that hackers on the deep web have been plotting an attack on Square to steal our treasured Bitcoins…

Time to find what their plans are. http://challenges.2020.squarectf.com:9541