An exciting web challenge involving a file write vulnerability through upload functionality and authentication bypass using sha.js hash rewinding attack. A deep dive into exploiting CVE-2025-9288 in sha.js library.