Ctf
Confidence Dragonsector CTF - Zippy Web 300 Writeup
Solution for Zippy task from Confidence Dragonsector CTF.
12-03-2020
3 MIN READ
Ctf
SharifCTF 7 Web Writeup
Bypassing XSS auditor.
18-12-2016
5 MIN READ
Ctf
QiwiCTF 2016 Web Writeup
There is SQL Injection in Cookie.
18-11-2016
2 MIN READ
Ctf
BlazeCTF 2016 Postboard Writeup
Exploit cPickle.loads which deserialize object from untrusted user input session['auth'] inside verifySession() function.
24-04-2016
4 MIN READ
Ctf
CONFidence DS CTF 2016 RoflScale Writeup
Bypass Python urlparse function
15-04-2016
2 MIN READ
Ctf
Pwn2Win CTF 2016 Facebug Writeup
Exploit Mako Templates for Python.
30-03-2016
1 MIN READ
Ctf
0CTF 2016 GuestBook 1 Writeup
Use XSS Auditor for XSS bypass
14-03-2016
3 MIN READ
Ctf
Boston Key Party CTF 2016 Good Morning and OptiProxy Writeup
SQL Injection because of shift-jis encoding.
07-03-2016
2 MIN READ
From 0 to pentesting hero
Client Side Template Injection
Retrieving parameters from the user and later displaying them on the website always carries risk of XSS attack. But can you perform such attack without using the HTML tag?
21-03-2019
3 MIN READ