EWEBSITE()
.home()
.posts()
.github()
hacking
hackthebox
javascript
machines
nginx
privesc
sqli
web
websockets
cache
challenges
varnish
bruteforce
bypass
haproxy
rate_limiting
inheritance
nodejs
prototype_pollution
ssrf
xss
apache
http_smuggling
CVE-2022-44268
imagemagick
dns
dns_rebinding
android
mobile
sslpininng_bypass
2022
ccsc
crypto
ctfs
forensics
misc
pwn
reverse
2024
js2py
jwt
path_traversal
serviceworkers
wizerctf
n00bz
programming
write_primitive
zip_slipping
2023
class_pollution
flask
python
magic
weird
angr
assembly
rc4
wireshark
protected
HackTheBox - Challenges No-Threshold
Date: 09/12/2023
This post is password protected, description is not available
bruteforce
bypass
challenges
hacking
hackthebox
haproxy
rate_limiting
sqli
web
Reading Time: 1 minutes
HackTheBox - Challenges Saturn
Date: 03/11/2023
I very simple flask app is all this challenge is. We can immidieitly spot a kind of SSRF as a service vulnerability. And the flag is retrieved by /secret if the request is coming from localhost. Ok then what prevents us from using the ssrf to request /secret, get the flag and get done with it?...
bypass
challenges
dns
dns_rebinding
hacking
hackthebox
ssrf
web
Reading Time: 4 minutes
Wizer CTF 2024 All Challenges
Date: 08/02/2024
Last week I was able to participate at a wonderful CTF organized over at Wizer. This CTF consisted of 6 web challenges in varying difficulty where participants were challenged to a Blitz speed-hacking competition of who can solve the most in 6 hours very generous prizes for the top 3....
2024
bypass
ctfs
dns
dns_rebinding
hacking
js2py
jwt
nginx
path_traversal
serviceworkers
ssrf
web
wizerctf
Reading Time: 22 minutes