Ctf
BlazeCTF 2016 Postboard Writeup
Exploit cPickle.loads which deserialize object from untrusted user input session['auth'] inside verifySession() function.
24-04-2016
4 MIN READ
Ctf
CONFidence DS CTF 2016 RoflScale Writeup
Bypass Python urlparse function
15-04-2016
2 MIN READ
Vulnerabilities
Monstra 3.0.1 Privilege Escalation
Every registered user can change every account because `Request
08-04-2016
2 MIN READ
Ctf
Pwn2Win CTF 2016 Facebug Writeup
Exploit Mako Templates for Python.
30-03-2016
1 MIN READ
Vulnerabilities
Tribulant Slideshow Gallery 1.5.3.4 Reflected XSS
$_GET['order'] is not escaped.
21-03-2016
1 MIN READ
Ctf
0CTF 2016 GuestBook 1 Writeup
Use XSS Auditor for XSS bypass
14-03-2016
3 MIN READ
Ctf
Boston Key Party CTF 2016 Good Morning and OptiProxy Writeup
SQL Injection because of shift-jis encoding.
07-03-2016
2 MIN READ
Ctf
Internetwache CTF 2016 Web Writeup
In PHP when hash looks like 0e[0-9]* and are compared using == it is treated as exponent
22-02-2016
2 MIN READ
From 0 to pentesting hero
Cross-Site Websocket Hijacking
Not so long ago, to make website's content appear in real time it had to be kind of simulated. For example from the level of JavaScript - by sending a request to the server every few seconds and downloading the latest content.
24-07-2019
4 MIN READ