Stripe CTF 2.0 writeups, levels 0 to 6

About a week late, but here you have my writeups for Stripe CTF 2.0, levels 0 to 6. There were two more levels, but I wasn’t able to complete them.

Congrats to the Stripe guys for the nice work organizing this web-oriented CTF!

Level 0 (SQL Injection)

This level was a web application written using node.js. It was possible to inject SQL code into a vulnerable query, as seen below:

Continue reading