Skip to content

Commit d3fe2cb

Browse files
author
Gonzalo Garcia Leon
committed
typo
1 parent 6dcfb7c commit d3fe2cb

File tree

3 files changed

+1
-1
lines changed

3 files changed

+1
-1
lines changed

images/.DS_Store

0 Bytes
Binary file not shown.

images/cloudb/.DS_Store

6 KB
Binary file not shown.

midnightsun-ctf/cloudb.md

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -73,7 +73,7 @@ The above JSON policy (on Intro), tells:
7373
profilepics/```
7474

7575
### The magic of team work.
76-
Phiber, from int3pids is one of our ID10Ts team collage, he was the first on start working on this challenge. When I woke up, he has some work done over the challenge as he realized **how to inject characters on the S3 policy** generated by the ```/signature``` controller.
76+
Phiber, from int3pids is one of our ID10Ts team colleague, he was the first on start working on this challenge. When I woke up, he has some work done over the challenge as he realized **how to inject characters on the S3 policy** generated by the ```/signature``` controller.
7777

7878
- First he found the secret key which used to create the sign on the ```hmac``` parameter. This signs the ```acl``` parameter. The key was ```[object Object]```, literally.
7979
- Second, he was able to inject JSON strings on the ```acl``` parameter. Let's explain it.

0 commit comments

Comments
 (0)