webmedium
Phoenix Pipeline
hackthebox
Task: Secure coding challenge - identify and patch two vulnerabilities in a PHP web application via a web-based IDE with Socket.IO save protocol. Solution: Fixed session puzzling (moved session assignment after validation) and file upload TOCTOU race condition (validate before move_uploaded_file).
$ ls tags/ techniques/
file_upload_race_conditionsession_puzzlingtoctou_exploitsocketio_protocolsource_code_reviewadmin_auth_bypass
🔒
Permission denied (requires tier.pro)
Sign in to access full writeups
Create a free account with GitHub, then upgrade to Pro.
$ssh [email protected]