search
Extra Notes

Challenge 1

Day 0 - 24/4/2025.

#!/usr/bin/env python3
#app.py
from flask import Flask, request, redirect, url_for
import logging

app = Flask(__name__)

logging.basicConfig(level=logging.INFO)

def is_authenticated_user():
    # This function checks if the user is authenticated and is omitted for brevity
   pass

@app.route('/')
def home():
    if not is_authenticated_user():
        logging.info('Unauthorized access attempt.')
        return redirect(url_for('login'))

    redirect_url = request.args.get('redirect_url')
    if redirect_url:
        logging.info(f'Redirecting to: {redirect_url}')
        return redirect(redirect_url)

    return 'Welcome to the home page!'

@app.route('/login')
def login():
    # Simulated login page
    return 'Login Page - User authentication goes here.'

if __name__ == '__main__':
    app.run(debug=False)

hashtag
Vulnerability Analysis

  1. Open Redirect Vulnerability

  2. Log Poisoning Vulnerability

hashtag
Open Redirect Vulnerability

The application accepts redirect_url parameter and redirect the user without proper validation. This allows attackers to redirect users to malicious websites.

hashtag
Log Poisoning Vulnerability

User input from redirect_url is directly logged without sanitization. This could allow injection of malicious data into log files

hashtag
Sample CTF Environment

PreviousSource Code ReviewNextCTF File

Last updated