WEB CSRF
Navigate to [http://10.10.10.28/csrf]. Kerry is naive and clicks on every link you send her. Try using a CSRF vulnerability to steal her money.
Posted on 2021-11-16 17:05:45.441242
Solved 3 times | 10 Points | under session5
Navigate to [http://10.10.10.28/csrf]. Kerry is naive and clicks on every link you send her. Try using a CSRF vulnerability to steal her money.
Posted on 2021-11-16 17:05:45.441242
Solved 1 time | 10 Points | under session5
Navigate to [http://10.10.10.28/ssti] and try exploiting the SSTI to run arbitrary code and get the flag.
Posted on 2021-11-16 17:05:45.441242
Solved 1 time | 10 Points | under session5
Navigate to [http://10.10.10.28/sqli] and try exploiting the SQLi to dump the users table. (sqlmap may be useful.)
Posted on 2021-11-16 17:05:45.441242
Solved 1 time | 10 Points | under session5
Any way to get me access to this new album from my favourite band? (This one is a little tougher!)
Posted on 2021-11-16 17:05:45.441242
Solved 0 times | 10 Points | under session5
My steam wallet is running low. I've tried all the logins we found previously. This might require something new?
Posted on 2021-11-16 17:05:45.441242
Solved 0 times | 5 Points | under session5
I want free access to movies.
Posted on 2021-11-16 17:05:45.441242
Solved 0 times | 5 Points | under session5
More passwords to find!
Posted on 2021-11-16 17:05:45.441242
Solved 1 time | 5 Points | under session5
You've found the login page for the site. Can you get access?
Posted on 2021-11-16 17:05:45.441242
Solved 1 time | 5 Points | under session5
This is a basic PIN brute force. You've been given access to this page with a 4-digit PIN. Can you build a script to crack it?
Posted on 2021-11-16 17:05:45.441242
Solved 5 times | 5 Points | under session5
You're not admin, are you?
Posted on 2021-11-16 17:05:45.441242
Solved 3 times | 10 Points | under session5
Can you log in to an account? (Try doing #4 first)
Posted on 2021-11-16 17:05:45.441242
Solved 3 times | 10 Points | under session5
Can you inject the login page?
Posted on 2021-11-16 17:05:45.441242
Solved 5 times | 10 Points | under session5
Hack the Network Test page. There's a cat binary in the same directory as where you are; to run it use ./cat. The flag is in a file called flag.txt :)
Posted on 2021-11-16 17:05:45.441242
Solved 3 times | 5 Points | under session5
Another easy one, just look and pretend you're a robot 👀
Posted on 2021-11-16 17:05:45.441242
Solved 5 times | 5 Points | under session5
This is an easy one, just look around...