Ctf
Confidence Dragonsector CTF - Zippy Web 300 Writeup
Solution for Zippy task from Confidence Dragonsector CTF.
12-03-2020
3 MIN READ
Ctf
Solution for Zippy task from Confidence Dragonsector CTF.
3 MIN READ
Ctf
Bypassing XSS auditor.
5 MIN READ
Ctf
There is SQL Injection in Cookie.
2 MIN READ
Ctf
Exploit cPickle.loads which deserialize object from untrusted user input session['auth'] inside verifySession() function.
4 MIN READ
Ctf
Bypass Python urlparse function
2 MIN READ
Ctf
Exploit Mako Templates for Python.
1 MIN READ
Ctf
Use XSS Auditor for XSS bypass
3 MIN READ
Ctf
SQL Injection because of shift-jis encoding.
2 MIN READ
From 0 to pentesting hero
Retrieving parameters from the user and later displaying them on the website always carries risk of XSS attack. But can you perform such attack without using the HTML tag?
21-03-2019
3 MIN READ