HackTheBox - Challenges WS-Todo image

HackTheBox - Challenges WS-Todo

Date: 30/11/2023

The functionality is very simple, you can either get or add todos...

Reading Time: 3 minutes

HackTheBox - Challenges Saturn image

HackTheBox - Challenges Saturn

Date: 03/11/2023

I very simple flask app is all this challenge is. We can immidieitly spot a kind of SSRF as a service vulnerability. And the flag is retrieved by /secret if the request is coming from localhost. Ok then what prevents us from using the ssrf to request /secret, get the flag and get done with it?...

Reading Time: 4 minutes

Wizer CTF 2024 All Challenges image

Wizer CTF 2024 All Challenges

Date: 08/02/2024

Last week I was able to participate at a wonderful CTF organized over at Wizer. This CTF consisted of 6 web challenges in varying difficulty where participants were challenged to a Blitz speed-hacking competition of who can solve the most in 6 hours very generous prizes for the top 3....

Reading Time: 23 minutes