EVANGELOSPRO

mainIcon

Hello, my name is Evangelos Lioudakis

You have landed on my piece of the internet.

Latest Posts

N00bz CTF 2024 writeups image

N00bz CTF 2024 writeups

Date: 05/08/2024

Above we can see a small program that asks the user to calculate answers of adding two random numbers. The user is asked to choose the number of questions he wants to answer and is awarded with the respective number of characters of the flag. However since there is an exponential delay due to pow(2,i), the classical approach of an automated solver would take too long. The smart thing to do here is to use the negative indexing feature of...

2024 ctfs hacking misc n00bz path_traversal programming pwn write_primitive zip_slipping

Reading Time: 9 minutes

My Android Pentesting Setup image

My Android Pentesting Setup

Date: 31/05/2024

Initialize waydroid and allow it to download the latest Lineage OS SDK + GAPPS (Google services)...

android hacking mobile sslpininng_bypass

Reading Time: 3 minutes

Wizer CTF 2024 All Challenges image

Wizer CTF 2024 All Challenges

Date: 08/02/2024

Last week I was able to participate at a wonderful CTF organized over at Wizer. This CTF consisted of 6 web challenges in varying difficulty where participants were challenged to a Blitz speed-hacking competition of who can solve the most in 6 hours very generous prizes for the top 3....

2024 bypass ctfs dns dns_rebinding hacking js2py jwt nginx path_traversal serviceworkers ssrf web wizerctf-1

Reading Time: 22 minutes

protected

HackTheBox - Challenges Prying Eyes image

HackTheBox - Challenges Prying Eyes

Date: 10/12/2023

This post is password protected, description is not available

CVE-2022-44268 challenges hacking hackthebox imagemagick web

Reading Time: 2 minutes

protected

HackTheBox - Challenges No-Threshold image

HackTheBox - Challenges No-Threshold

Date: 09/12/2023

This post is password protected, description is not available

bruteforce bypass challenges hacking hackthebox haproxy rate_limiting sqli web

Reading Time: 1 minutes

HackTheBox - Challenges WS-Todo image

HackTheBox - Challenges WS-Todo

Date: 30/11/2023

The functionality is very simple, you can either get or add todos...

challenges hacking hackthebox javascript ssrf web websockets xss

Reading Time: 3 minutes

HackTheBox - Challenges Saturn image

HackTheBox - Challenges Saturn

Date: 03/11/2023

I very simple flask app is all this challenge is. We can immidieitly spot a kind of SSRF as a service vulnerability. And the flag is retrieved by /secret if the request is coming from localhost. Ok then what prevents us from using the ssrf to request /secret, get the flag and get done with it?...

bypass challenges dns dns_rebinding hacking hackthebox ssrf web

Reading Time: 4 minutes

HackTheBox - Challenges Breaking Grad image

HackTheBox - Challenges Breaking Grad

Date: 01/11/2023

A file that particularly stands out is...

challenges hacking hackthebox inheritance javascript nodejs prototype_pollution web

Reading Time: 2 minutes

protected

HackTheBox - Challenges ApacheBlaze image

HackTheBox - Challenges ApacheBlaze

Date: 01/11/2023

This post is password protected, description is not available

apache challenges hacking hackthebox http_smuggling web

Reading Time: 2 minutes

HackTheBox - Machines Soccer image

HackTheBox - Machines Soccer

Date: 15/08/2023

login using default credentials: admin: admin@123 from https://github.com/prasathmani/tinyfilemanager upload simple php reverse shell and get shell as www-data...

hacking hackthebox javascript machines nginx privesc sqli web websockets

Reading Time: 1 minutes

protected

HackTheBox - Challenges EasterBunny image

HackTheBox - Challenges EasterBunny

Date: 07/08/2023

This post is password protected, description is not available

cache challenges hacking hackthebox varnish web

Reading Time: 2 minutes

CCSC 2023 Secret Prompt image

CCSC 2023 Secret Prompt

Date: 21/07/2023

We believe the machines came up with their own mechanism to keep humans out. Deceive the machines. Make them believe you are one of them and retrieve...

2023 ccsc ctfs hacking javascript magic web weird

Reading Time: 4 minutes

View all posts