From 9441ee608adee6b4f1c98cc990fbb55d0f132232 Mon Sep 17 00:00:00 2001 From: Thomas Vanbesien Date: Fri, 27 Mar 2026 14:44:49 +0100 Subject: Add parameter tampering solution --- Parameter tampering/Resources/notes.md | 8 ++++++++ Parameter tampering/flag | 1 + 2 files changed, 9 insertions(+) create mode 100644 Parameter tampering/Resources/notes.md create mode 100644 Parameter tampering/flag (limited to 'Parameter tampering') diff --git a/Parameter tampering/Resources/notes.md b/Parameter tampering/Resources/notes.md new file mode 100644 index 0000000..ad19afd --- /dev/null +++ b/Parameter tampering/Resources/notes.md @@ -0,0 +1,8 @@ +## Exploit + +1. In the survey page choosing a grade will send a POST request. The client-side form allows values between 1 and 10. +1. Sending a request with a value outside the range (`curl --data valeur=42 --data sujet=2 "http://10.0.2.15/?page=survey" | grep flag`) will give you a flag. + +## Fix + +Client-side data should not be trusted and should be verified and sanitized both client-side and server-side. diff --git a/Parameter tampering/flag b/Parameter tampering/flag new file mode 100644 index 0000000..83f01d9 --- /dev/null +++ b/Parameter tampering/flag @@ -0,0 +1 @@ +03a944b434d5baff05f46c4bede5792551a2595574bcafc9a6e25f67c382ccaa -- cgit v1.2.3
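Review bot: the "Fix" section of notes.md understates the control. The sentence "verified and sanitized both client-side and server-side" puts the two on equal footing, but step 2 of the exploit shows exactly why the client-side range limit (1 to 10) is no control at all: the request is built outside the form. Suggest rewording to state that the server must reject any `valeur` outside 1..10 (and any `sujet` that is not a known survey id) before using the value, and that client-side checks exist only for usability. Two smaller points in the same hunk: both list items are numbered `1.`, which renders fine in Markdown but reads oddly in the raw file (use `1.` and `2.`), and the curl target `10.0.2.15` is a lab-specific address that should be labelled as such so the note does not suggest a fixed host.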
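Review bot: the flag file holds only the bare value with nothing tying it back to the writeup; consider adding a line to notes.md saying that the value in `flag` is what the `grep flag` in step 2 returns, so a reader can tell which exploit step produced it.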