Brown Badge

14

Exercises

0

Completed this badge

14

CPEs

Signing Oracle

This exercise covers how a signing oracle can be used to bypass authorization in place

Difficulty: EASY
  • 2 videos
  • Completed by 193 students
  • Takes Less than an hour on average

SSRF in PDF generation

This exercise covers how you can read abitrary files when an application generates pdf from a link you provide

Difficulty: EASY
  • 1 video
  • Completed by 213 students
  • Takes Less than an hour on average

JS Prototype Pollution

This exercise covers how to exploit Prototype Pollution against a JavaScript application

Difficulty: EASY
  • 1 video
  • Completed by 158 students
  • Takes Less than an hour on average

JSON Web Encryption

This exercise covers how you can create your own JWE if you have access to the public key used by the se rver

Difficulty: EASY
  • 2 videos
  • Completed by 119 students
  • Takes Less than an hour on average

TBD Coming soon

TBD

Difficulty: EASY
  • Completed by 0 student
  • Takes -- on average

Apache Pluto RCE

This exercise covers how you can gain code execution in Apache Pluto 3.0.0 due to an issue in the authorisation logic

Difficulty: EASY
  • 1 video
  • Completed by 114 students
  • Takes Less than an hour on average

Unicode and Uppercase

This exercise covers how you can use unicode to gain access to an admin account.

Difficulty: EASY
  • 1 video
  • Completed by 120 students
  • Takes Less than an hour on average

Unicode and Downcase

This exercise covers how you can use unicode to gain access to an admin account.

Difficulty: EASY
  • 1 video
  • Completed by 90 students
  • Takes Less than an hour on average

Zip symlink

This exercise covers how you can create a malicious Zip file and use it to gain access to sensitive files.

Difficulty: EASY
  • 1 video
  • Completed by 76 students
  • Takes Less than an hour on average

PHP phar://

This exercise covers how the PHP phar:// handler can be used to gain code execution using PHP unserialize.

Difficulty: MEDIUM
  • 1 video
  • Completed by 78 students
  • Takes Less than an hour on average

Spring Actuators

This exercise covers how you can gain code execution using Spring Actuators when Spring Cloud is used.

Difficulty: MEDIUM
  • 1 video
  • Completed by 55 students
  • Takes Between 1 and 2 hours on average

From SQL injection to Shell III: PostgreSQL Edition

This exercise covers how to gain access to an administration interface using SQL injection followed by how to get command execution using Ghostscript

Difficulty: MEDIUM
  • Ruby-on-Rails
  • Completed by 30 students
  • Takes Between 2 and 4 hours on average

Unicode and NFKC

This exercise covers how can leverage unicode to get exploit a directory traversal

Difficulty: MEDIUM
  • Completed by 11 students
  • Takes Less than an hour on average

CVE-2020-8163: Rails local name RCE

This exercise details the exploitation of CVE-2020-8163 to gain code execution

Difficulty: HARD
  • Completed by 2 students
  • Takes More than 4 hours on average