const path = require('path');
const express = require('express');
const { Sequelize, DataTypes } = require('sequelize');
// TCP port to listen on; falls back to 9100 when PORT is unset or empty.
const PORT = Number(process.env.PORT || 9100);
// Challenge flag written into the Flag table by seedDatabase(); the default is a placeholder value.
const FLAG = process.env.FLAG || 'EQST{Fake}';
// SQLite-backed Sequelize instance. Purely in-memory unless DB_PATH names a file.
// Query logging is disabled globally; the search route re-enables it for one branch per query.
const sequelize = new Sequelize({
dialect: 'sqlite',
storage: process.env.DB_PATH || ':memory:',
logging: false,
});
// Employee record: a username plus a free-form JSON document. The seed data uses the keys
// name, role, team, office, department and email, but the column itself is unconstrained.
const User = sequelize.define('User', {
username: {
type: DataTypes.STRING,
allowNull: false,
},
metadata: {
type: DataTypes.JSON,
allowNull: false,
},
});
// Table holding the challenge flag; tableName is pinned explicitly instead of relying on
// Sequelize's default table naming.
const Flag = sequelize.define('Flag', {
flag: {
type: DataTypes.STRING,
allowNull: false,
},
}, {
tableName: 'Flag',
});
/**
 * Reset the schema and populate it with the fixed employee roster plus the flag.
 * `force: true` drops existing tables first, so any previously stored data is discarded
 * on every start.
 * @returns {Promise<void>}
 */
async function seedDatabase() {
await sequelize.sync({ force: true });
// Every seeded employee shares the same (redacted) contact address.
const SEED_EMAIL = '[email protected]';
// Build one User row; metadata key order matches the original seed documents.
const employee = (username, name, role, team, office, department) => ({
username,
metadata: { name, role, team, office, department, email: SEED_EMAIL },
});
await User.bulkCreate([
employee('minseo.jwa', 'Minseo Jwa', 'Security Researcher', 'EQST', 'Seoul', 'Security'),
employee('olivia.bennett', 'Olivia Bennett', 'Frontend Developer', 'Team E', 'New York', 'Engineering'),
employee('noah.sullivan', 'Noah Sullivan', 'Backend Developer', 'Team E', 'Austin', 'Engineering'),
employee('emma.carter', 'Emma Carter', 'Security Engineer', 'Team Q', 'Boston', 'Security'),
employee('liam.parker', 'Liam Parker', 'DevOps Engineer', 'Team E', 'Seattle', 'Platform'),
employee('ava.hughes', 'Ava Hughes', 'HR Manager', 'Team T', 'Chicago', 'People'),
employee('elijah.cooper', 'Elijah Cooper', 'Data Analyst', 'Team S', 'Austin', 'Analytics'),
employee('sophia.ward', 'Sophia Ward', 'Product Manager', 'Team T', 'New York', 'Product'),
employee('james.brooks', 'James Brooks', 'QA Engineer', 'Team Q', 'Seattle', 'Quality'),
employee('isabella.kelly', 'Isabella Kelly', 'UI Designer', 'Team T', 'Los Angeles', 'Design'),
employee('benjamin.reed', 'Benjamin Reed', 'Mobile Developer', 'Team E', 'Boston', 'Engineering'),
employee('mia.bailey', 'Mia Bailey', 'Finance Manager', 'Team S', 'Chicago', 'Finance'),
employee('lucas.barnes', 'Lucas Barnes', 'Recruiter', 'Team T', 'New York', 'People'),
employee('amelia.cox', 'Amelia Cox', 'Compliance Analyst', 'Team S', 'Boston', 'Security'),
employee('henry.foster', 'Henry Foster', 'IT Support Specialist', 'Team Q', 'Austin', 'IT'),
employee('harper.gray', 'Harper Gray', 'Marketing Manager', 'Team T', 'Los Angeles', 'Marketing'),
employee('alexander.hayes', 'Alexander Hayes', 'Database Administrator', 'Team E', 'Seattle', 'Platform'),
employee('evelyn.price', 'Evelyn Price', 'Content Strategist', 'Team T', 'Chicago', 'Marketing'),
employee('daniel.long', 'Daniel Long', 'Security Analyst', 'Team Q', 'Boston', 'Security'),
employee('abigail.wood', 'Abigail Wood', 'Technical Writer', 'Team S', 'Austin', 'Operations'),
employee('mason.powell', 'Mason Powell', 'Sales Manager', 'Team S', 'New York', 'Sales'),
employee('ella.patterson', 'Ella Patterson', 'People Operations Partner', 'Team T', 'Chicago', 'People'),
employee('logan.russell', 'Logan Russell', 'Cloud Architect', 'Team E', 'Seattle', 'Platform'),
employee('scarlett.hamilton', 'Scarlett Hamilton', 'Legal Counsel', 'Team S', 'Boston', 'Legal'),
employee('jacob.graham', 'Jacob Graham', 'Procurement Specialist', 'Team S', 'Chicago', 'Operations'),
employee('grace.simmons', 'Grace Simmons', 'Research Engineer', 'Team Q', 'Austin', 'Security'),
employee('michael.bishop', 'Michael Bishop', 'Full Stack Developer', 'Team E', 'New York', 'Engineering'),
employee('chloe.butler', 'Chloe Butler', 'Office Manager', 'Team T', 'Los Angeles', 'Operations'),
employee('ethan.coleman', 'Ethan Coleman', 'Account Executive', 'Team S', 'Chicago', 'Sales'),
employee('lily.bryant', 'Lily Bryant', 'Customer Success Manager', 'Team S', 'Boston', 'Customer Success'),
employee('william.jenkins', 'William Jenkins', 'Infrastructure Engineer', 'Team E', 'Seattle', 'Platform'),
]);
// The flag is stored as data in its own table; FLAG comes from the environment (placeholder default).
await Flag.create({ flag: FLAG });
}
/**
 * Build the Express application: JSON body parsing, static file serving, the landing page,
 * a health check and the JSON search endpoint. Does not call listen().
 * @returns {import('express').Express} the configured app.
 */
function buildApp() {
const app = express();
// Parse JSON request bodies (consumed by the search endpoint).
app.use(express.json());
// Serves every file under the application directory as a static asset, which includes this
// server source file and anything else placed there (e.g. a DB_PATH file under this directory).
// A deployment outside the challenge would point this at a dedicated assets directory instead.
app.use(express.static(__dirname));
// Landing page: a self-contained HTML document with inline CSS and a small client script.
// The client script builds result markup by string concatenation and assigns it to innerHTML
// without escaping metadata values, so any markup in a metadata field would be interpreted as
// HTML by the browser. The '/eqst01.png' logo is expected to be served by the static handler above.
app.get('/', (_req, res) => {
res.type('html').send(`<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8" />
<meta name="viewport" content="width=device-width, initial-scale=1" />
<title>CVE-2026-30951 by EQST Lab</title>
<style>
:root {
--bg: #f6f3ed;
--panel: rgba(255, 252, 248, 0.92);
--ink: #1b1a17;
--muted: #6b665e;
--accent: #9a3f26;
--border: rgba(120, 102, 80, 0.18);
--shadow: 0 24px 80px rgba(53, 36, 12, 0.08);
}
* {
box-sizing: border-box;
}
body {
margin: 0;
min-height: 100vh;
color: var(--ink);
font-family: "Segoe UI", "Helvetica Neue", Arial, sans-serif;
background:
radial-gradient(circle at top left, rgba(154, 63, 38, 0.12), transparent 30%),
radial-gradient(circle at bottom right, rgba(109, 122, 90, 0.09), transparent 34%),
linear-gradient(180deg, #fbf8f2 0%, var(--bg) 100%);
}
.shell {
max-width: 980px;
margin: 0 auto;
padding: 48px 16px 72px;
}
.card {
background: var(--panel);
backdrop-filter: blur(12px);
border: 1px solid var(--border);
border-radius: 24px;
box-shadow: var(--shadow);
}
.hero {
display: grid;
justify-items: center;
gap: 10px;
margin-bottom: 18px;
}
.hero img {
width: min(280px, 62vw);
height: auto;
object-fit: contain;
display: block;
}
.search-head {
margin-bottom: 14px;
}
.title-row {
display: flex;
align-items: baseline;
gap: 12px;
margin-bottom: 0;
}
.search-title {
margin: 0;
color: var(--muted);
font-size: 2rem;
letter-spacing: 0.14em;
text-transform: uppercase;
font-weight: 700;
}
.search-subtitle {
margin: 0;
color: var(--muted);
font-size: 0.85rem;
font-weight: 600;
letter-spacing: 0.14em;
text-transform: uppercase;
white-space: nowrap;
}
h1 {
margin: 0;
font-size: inherit;
line-height: inherit;
letter-spacing: inherit;
font-weight: 700;
}
.search-card {
padding: 24px 26px;
margin-bottom: 20px;
}
.search-row {
display: grid;
grid-template-columns: 1fr auto;
gap: 12px;
align-items: center;
}
input {
width: 100%;
padding: 15px 18px;
border-radius: 16px;
border: 1px solid var(--border);
background: rgba(255, 255, 255, 0.85);
color: var(--ink);
font: inherit;
}
input:focus {
outline: 2px solid rgba(154, 63, 38, 0.14);
border-color: rgba(154, 63, 38, 0.3);
}
button {
cursor: pointer;
appearance: none;
border: 0;
border-radius: 999px;
padding: 12px 20px;
color: #fffaf4;
font: inherit;
font-weight: 600;
background: linear-gradient(135deg, #8f2a16, #c3562f);
}
.hint {
margin-top: 10px;
color: var(--muted);
font-size: 0.93rem;
}
.results-card {
padding: 24px 26px;
}
.section-title {
margin: 0 0 12px;
color: var(--muted);
font-size: 0.85rem;
letter-spacing: 0.14em;
text-transform: uppercase;
font-weight: 700;
}
.status {
margin-bottom: 14px;
color: var(--muted);
font-size: 0.95rem;
}
.empty {
padding: 24px;
border: 1px dashed var(--border);
border-radius: 18px;
color: var(--muted);
background: rgba(255, 255, 255, 0.56);
}
.result-list {
display: grid;
gap: 14px;
}
.result-item {
display: grid;
gap: 12px;
padding: 18px;
border-radius: 18px;
border: 1px solid var(--border);
background: rgba(255, 255, 255, 0.72);
}
.result-head {
display: flex;
justify-content: space-between;
gap: 12px;
align-items: start;
}
.result-item strong {
display: block;
margin-bottom: 4px;
font-size: 1.08rem;
}
.subline {
color: var(--muted);
font-size: 0.94rem;
}
.badge-row {
display: flex;
flex-wrap: wrap;
gap: 8px;
}
.badge {
padding: 7px 10px;
border-radius: 999px;
border: 1px solid var(--border);
background: rgba(255, 255, 255, 0.84);
color: var(--ink);
font-size: 0.84rem;
}
.meta {
display: grid;
grid-template-columns: repeat(3, minmax(0, 1fr));
gap: 10px;
}
.meta-block {
padding: 12px;
border-radius: 14px;
border: 1px solid var(--border);
background: rgba(255, 255, 255, 0.58);
}
.meta-label {
margin-bottom: 4px;
color: var(--muted);
font-size: 0.76rem;
letter-spacing: 0.12em;
text-transform: uppercase;
}
.meta-value {
font-size: 0.98rem;
font-weight: 600;
}
@media (max-width: 720px) {
.search-row {
grid-template-columns: 1fr;
}
.result-head {
flex-direction: column;
}
.meta {
grid-template-columns: 1fr;
}
}
</style>
</head>
<body>
<main class="shell">
<section class="hero">
<img src="/eqst01.png" alt="EQST logo" />
</section>
<section class="card search-card">
<div class="search-head">
<div class="title-row">
<div class="search-title">CVE-2026-30951</div>
<span class="search-subtitle">by EQST Lab</span>
</div>
</div>
<div class="search-row">
<input id="query" type="text" placeholder="Try searching for Olivia, Emma, Daniel, or a partial match like son." />
<button id="submit">Search</button>
</div>
</section>
<section class="card results-card">
<div class="section-title">Results</div>
<div id="status" class="status">Ready.</div>
<div id="results" class="empty">Search results will appear here.</div>
</section>
</main>
<script>
const queryInput = document.getElementById('query');
const status = document.getElementById('status');
const results = document.getElementById('results');
function buildPayload(rawQuery) {
const query = rawQuery.trim().toLowerCase();
if (!query) {
throw new Error('Enter a name to search');
}
return {
filter: {
name: query
}
};
}
function renderUsers(users) {
if (!Array.isArray(users) || users.length === 0) {
results.className = 'empty';
results.textContent = 'No employees matched your search.';
return;
}
results.className = 'result-list';
results.innerHTML = users.map((user) => {
let metadata = user.metadata;
if (typeof metadata === 'string') {
try {
metadata = JSON.parse(metadata);
} catch (_error) {
metadata = { value: metadata };
}
}
return '<article class="result-item">' +
'<div class="result-head">' +
'<div>' +
'<strong>' + String(metadata.name || user.username) + '</strong>' +
'<div class="subline">@' + String(user.username) + '</div>' +
'</div>' +
'<div class="badge-row">' +
'<span class="badge">' + String(metadata.team || 'Unassigned') + '</span>' +
'<span class="badge">' + String(metadata.department || 'General') + '</span>' +
'</div>' +
'</div>' +
'<div class="badge-row">' +
'<span class="badge">' + String(metadata.role || 'Employee') + '</span>' +
'<span class="badge">' + String(metadata.office || 'Unknown Office') + '</span>' +
'</div>' +
'<div class="meta">' +
'<div class="meta-block"><div class="meta-label">Department</div><div class="meta-value">' + String(metadata.department || '-') + '</div></div>' +
'<div class="meta-block"><div class="meta-label">Office</div><div class="meta-value">' + String(metadata.office || '-') + '</div></div>' +
'<div class="meta-block"><div class="meta-label">Email</div><div class="meta-value">' + String(metadata.email || '-') + '</div></div>' +
'</div>' +
'</article>';
}).join('');
}
async function sendRequest() {
status.textContent = 'Searching...';
try {
const payload = buildPayload(queryInput.value);
const response = await fetch('/api/users/search', {
method: 'POST',
headers: {
'Content-Type': 'application/json'
},
body: JSON.stringify(payload)
});
const data = await response.json();
if (!response.ok || !data.ok) {
throw new Error(data.error || 'Search failed');
}
status.textContent = 'Found ' + data.count + ' result(s).';
renderUsers(data.users);
} catch (error) {
status.textContent = 'Search failed.';
results.className = 'empty';
results.textContent = error.message;
}
}
document.getElementById('submit').addEventListener('click', sendRequest);
queryInput.addEventListener('keydown', (event) => {
if (event.key === 'Enter') {
event.preventDefault();
sendRequest();
}
});
</script>
</body>
</html>`);
});
// Health check: succeeds only when Sequelize can authenticate against the database.
app.get('/healthz', async (_req, res) => {
try {
await sequelize.authenticate();
res.json({ ok: true });
} catch (error) {
res.status(500).json({ ok: false, error: error.message });
}
});
// Employee search. Expected body shape is { filter: { ... } }. Two paths:
//  - exactly { name: '<string>' }: all rows are loaded and substring-matched in JS
//    against username and metadata.name;
//  - anything else: the client-supplied filter object is forwarded unchanged as the `where`
//    value for the JSON `metadata` column. That pass-through is the attack surface this
//    challenge is built around (the page title names CVE-2026-30951); a hardened service would
//    allow-list the filter keys and operators instead of handing the request object to the ORM.
app.post('/api/users/search', async (req, res) => {
// typeof null === 'object', so a null filter passes this check and then makes
// Object.keys() throw below, which is reported as a 500 rather than a 400.
const filter = req.body && typeof req.body.filter === 'object' ? req.body.filter : {};
try {
let users;
const filterKeys = Object.keys(filter);
if (filterKeys.length === 1 &&filterKeys[0] === 'name'&& typeof filter.name === 'string') {
const query = filter.name.trim().toLowerCase();
users = (await User.findAll({
order: [['username', 'ASC']],
raw: true,
})).filter((user) => {
// Not guarded: a malformed JSON string in metadata would throw and become a 500.
const metadata = typeof user.metadata === 'string' ? JSON.parse(user.metadata) : user.metadata;
const haystacks = [
String(user.username || '').toLowerCase(),
String(metadata.name || '').toLowerCase(),
];
return haystacks.some((value) => value.includes(query));
});
} else {
users = await User.findAll({
where: { metadata: filter },
raw: true,
// Per-query logging override: every SQL statement generated for this branch is printed to stdout.
logging: (sql) => {
console.log(`SQL: ${sql}`);
},
});
}
res.json({
ok: true,
count: users.length,
users,
});
} catch (error) {
// The raw error message (including database/ORM error text) is returned to the caller.
res.status(500).json({
ok: false,
error: error.message,
});
}
});
return app;
}
/**
 * Seed the database, then construct the Express app on top of it.
 * @returns {Promise<import('express').Express>} the configured app (not yet listening).
 */
async function initialize() {
// Seeding must complete before the app is built, so the two steps are chained sequentially.
return seedDatabase().then(() => buildApp());
}
/**
 * Process entry point: initialize the app and start listening on PORT.
 * @returns {Promise<void>}
 */
async function main() {
const server = await initialize();
// No host is passed to listen(), so Node binds the unspecified address (all interfaces);
// the loopback URL printed below is a convenience for local use, not the actual bind address.
server.listen(PORT, () => {
console.log(`Challenge server listening on http://127.0.0.1:${PORT}`);
});
}
// Start the server only when this file is run directly; when required (e.g. by tests),
// the exports below are used instead and nothing listens.
if (require.main === module) {
main().catch((startupError) => {
console.error(startupError);
process.exit(1);
});
}
// Public surface for requiring this module (presumably for tests or tooling — TODO confirm):
// the models, the port, the Sequelize instance, and the app factories.
module.exports = {
Flag,
PORT,
User,
buildApp,
initialize,
sequelize,
};