Gunship htb challenge writeup. HTB: Gunship - Web Exploitation Challenge Mar 1, 2021 · A classmate was assigned with developing a website using a prototype-based language called Javascript. HTB Gunship - Writeup Access details -> 159. So let’s go through the source code which is made available to us. The title of the challenge webpage is This hints that AST injections will be Oct 30, 2024 · HackTheBox-Challenges Gunship Writeup kazma Security Researcher 2024-10-30 22:49 2025-08-20 13:53:24 htb | challenges | writeup' | web | prototype-pollution | ast-injection 49 00:00-Intro01:48-Start of the Challenge looking at website02:55-Looking at the page source and js file04:41-Analyzing the request in Burpsuite05:15-Testing t Gunship CHALLENGE DESCRIPTION Difficulty: VERY EASY A city of lights, with retrofuturistic 80s peoples, and coffee, and drinks from another world all the wooing in the world to make you feel more lonely this ride ends here, with a tribute page of the British synthwave band called Gunship. Dec 11, 2024 · Gunship is a Node. Source code reveals a comment that hints towards the exploit being caused by ‘ prototype pollution in unflatten’. So the challenge starts with a simple submit input that takes an artist name and sends it to the backend. 0:00 - Introduction0:20 - Starting Gunship, doing some co Aug 19, 2021 · It is quite a simple web challenge from Hack The Box, it requires you to analysis the source code of the challenges. 31. json) Dec 15, 2024 · Today, we will be doing Gunship from HackTheBox which is labeled as an easy-level Web challenge that aims at teaching AST injection in javascript template engines through prototype pollution, leading to RCE. asnfqa rbhpy vixz bzpk itd trgw yukicow qot fcye wpdw