WebMar 15, 2024 · 🤖 Identify MD5, SHA256 and 300+ other hashes ☄ Comes with a neat web app ... linux shell bash vps ctf bash-script ctf-tools pentest-tool ffffffff0x Updated Apr 11, 2024; Shell; ron190 / jsql-injection Star 1.2k. Code Issues Pull requests jSQL Injection is a Java application for automatic SQL database injection. ... WebDec 28, 2024 · The steps. The summary of the steps required in solving this CTF are given below: Get the target machine IP address by running the Netdiscover utility. Scan open …
CTF Academy : Web Application Exploitation - GitHub …
WebOct 18, 2024 · This writeup focuses on the Web category of the recently concluded ROOTCON 15 CTF hosted by PwnDeManila. Given the challenge name and description, it hints that the server might be vulnerable to… WebMay 5, 2024 · During the CTF, I came across a relatively simple constructed but clever web challenge that I want to share with you. This is the writeup for cliche. If you are only here to see the solution, feel free to skip to the end of the last section. The Challenge. The challenge text promised the least interesting web challenge, with which I must disagree. small house on the beach for sale
HTB Cyber Apocalypse (2024) Writeup for Web Challenges - Jaime …
WebFeb 10, 2024 · 4- Web Utils. 5- Build a Panel. 6- Web IDE. ... default-src none; script-src 'nonce-g+ojjmb9xLfE+3j9PsP/Ig=='; ... After the end of the CTF I discovered from the discord server of the CTF that there was another gadget permitting us to set any attribute of an iframe , so we can set the srcdoc attribute to redirect the admin to the endpoint ... WebFeb 18, 2024 · Symlink attacks. Found a job that overwrites using root or another user? Try to find symlink attacks. Example: root copies /src to /dst and places permission on /dst; we have write privileges on /dst; we can try to rm /dst and ln -s /src /dst; Once the root job fires, root will overwrite /src with itself (fails) and give write perms on /src; Now we control /src … small house on wheels 78550