The given code snippet is vulnerable to DNS rebinding attack where an attacker can switch the IP addresses associated with domain names to pass certain security checks!
To understand this challenge, let's look at the source code:
First things first, there are two files:
app.js
: Our friendly vulnerable applicationlocal.js
: A simple server which gives us our flag!