protected

HackTheBox - Challenges No-Threshold image

HackTheBox - Challenges No-Threshold

Date: 09/12/2023

This post is password protected, description is not available

bruteforce bypass challenges hacking hackthebox haproxy rate_limiting sqli web

Reading Time: 1 minutes

HackTheBox - Challenges Saturn image

HackTheBox - Challenges Saturn

Date: 03/11/2023

I very simple flask app is all this challenge is. We can immidieitly spot a kind of SSRF as a service vulnerability. And the flag is retrieved by /secret if the request is coming from localhost. Ok then what prevents us from using the ssrf to request /secret, get the flag and get done with it?...

bypass challenges dns dns_rebinding hacking hackthebox ssrf web

Reading Time: 4 minutes

Wizer CTF 2024 All Challenges image

Wizer CTF 2024 All Challenges

Date: 08/02/2024

Last week I was able to participate at a wonderful CTF organized over at Wizer. This CTF consisted of 6 web challenges in varying difficulty where participants were challenged to a Blitz speed-hacking competition of who can solve the most in 6 hours very generous prizes for the top 3....

2024 bypass ctfs dns dns_rebinding hacking js2py jwt nginx path_traversal serviceworkers ssrf web wizerctf-1

Reading Time: 22 minutes