Members Contests Blog Tags

Web

Published on
27 octobre 2023
BlueHensCTF 2023 - Best Bathroom on Campus
BlueHensCTF-2023 Chocapikk Web Firebase Information-Disclosure
Exploiting an incorrectly configured Firebase database to reveal hidden data.
Published on
1 octobre 2023
BuckeyeCTF 2023 – Stray
BuckeyeCTF-2023 Lumy Web LFI
HTTP parameter pollution attack leading to LFI
Published on
1 octobre 2023
BuckeyeCTF 2023 – Text Adventure API
BuckeyeCTF-2023 Lumy Web Deserialization
Pickle deserialization exploitation
Published on
1 octobre 2023
BuckeyeCTF 2023 – area51
BuckeyeCTF-2023 Lumy Web SQL
Blind NoSQL injection on MongoDB
Published on
10 septembre 2023
PatriotCTF 2023 – FlowerShop
PatriotCTF-2023 Lumy Web PRNG
mt_rand vulnerability
Published on
10 septembre 2023
PatriotCTF 2023 – PickYourStarter
PatriotCTF-2023 Lumy Web SSTI
SSTI in Web pokemon starter pick challenge
Published on
29 juillet 2023
BYUCTF 2023 – urmombotnetdotnet - 1
BYUCTF-2023 Lumy Web Stacktraces
Getting secrets through stacktraces with flask
Published on
29 juillet 2023
BYUCTF 2023 – urmombotnetdotnet - 2
BYUCTF-2023 Lumy Web Stacktraces
Getting secrets through stacktraces with flask
Published on
29 juillet 2023
BYUCTF 2023 – urmombotnetdotnet - 3
BYUCTF-2023 Lumy Web Stacktraces
Getting secrets through stacktraces with flask
Published on
29 juillet 2023
BYUCTF 2023 – urmombotnetdotnet - 4
BYUCTF-2023 Lumy Web Stacktraces
Getting secrets through stacktraces with flask
Published on
29 juillet 2023
BYUCTF 2023 – urmombotnetdotnet - 5
BYUCTF-2023 Lumy Web Stacktraces
Getting secrets through stacktraces with flask
Published on
29 juillet 2023
TJCTF 2023 – Back to the past
TJCTF-2023 Lumy Web JWT
Changing algorithm from RS256 to HS256, bypassing signature process