small spelling changes

README.md

@@ -2,7 +2,7 @@ Whatsscam
 ====================
 This service was played as part of the enowars8 tournament.
 
-Whatsscam is an online messanger service that lets you "securely" text with people.
+Whatsscam is an online messenger service that lets you "securely" text with people.
 The Service contains vulnerabilities that can leak data. 
 Inside the documentation folder a readme is contained that explains the exploits/vulnerabilities and possible fixes.
 

documentation/README.md

@@ -34,7 +34,7 @@ The base RSA function uses 2 prime numbers that are connected, called sexy prime
 - Position: Backup
 - CVE Number: CVE-2024-33663
 
-The Backup token is vulnerable as the authlib does not differaniate between 2 algorithms. This makes it possible to not only authenticate/sign with the private key inside the token, but also create a token with the public key that will be handled the same way as the private key token. You can create a fake token via the userlist in which the public keys are listed than you can login in as if you would have the actual private key token.
+The Backup token is vulnerable as the authlib does not differentiate between 2 algorithms. This makes it possible to not only authenticate/sign with the private key inside the token, but also create a token with the public key that will be handled the same way as the private key token. You can create a fake token via the userlist in which the public keys are listed than you can login in as if you would have the actual private key token.
 
 # Exploits
 

documentation/issues/issues.txt

@@ -1,2 +1,2 @@
 - low bit on rsa for time reasons
-- nasty bug was found and fixed -> random wasnt random inside async because async makes it so the time is the same therefore the same email was used several times -> lead to mumble 
+- nasty bug was found and fixed -> random was not random inside async because async makes it so the time is the same therefore the same email was used several times -> lead to mumble