Check for API keys or database passwords in config.js or .env .
Install the unrar utility via sudo apt install unrar and use unrar x codem-chat.rar . codem-chat.rar
Look for how the application handles incoming messages. Is there a lack of sanitization that could lead to XSS (Cross-Site Scripting)? Check for API keys or database passwords in config
Examine the "private chat" feature. Can a user view messages from a room they aren't invited to by manipulating the roomID ? 3. Exploitation Path codem-chat.rar
Use The Unarchiver or the brew command brew install unrar .