Back to Challenges
StorageBeginner
PermaLeak Protocol
Exploit broken access controls in Arweave-based storage apps.
250 points
1-2 hours
128 completions
500 XP
Submit Flag
Challenge Description
In this challenge, you'll need to find and exploit vulnerabilities in a decentralized storage protocol to gain access to protected data.
Scenario
You've discovered a new decentralized storage service built on Arweave that claims to be "unhackable." The service stores sensitive data and uses a custom access control mechanism. Your goal is to bypass this mechanism and retrieve a secret file.
Objectives
- Analyze the storage protocol's architecture
- Identify vulnerabilities in the access control mechanism
- Exploit these vulnerabilities to access the protected data
- Retrieve the secret flag
Hints
- Look closely at how the protocol handles transaction verification
- The access control mechanism might not properly validate all request parameters
- Consider how permanent storage differs from traditional storage in terms of data access patterns
Challenge Metadata
Role
Not selected
Difficulty
BeginnerCategory
StorageXP Reward
500 XPSkills
ExploitationReconStorage
Resources
Your Progress
Level 6
XP Progress3250 / 5000 XP
Skill Breakdown
Recommended Next
Crypto Conundrum
Cryptography