The orange badge is our third set of exercises. It covers a wide range of vulnerabilities targetting other clients of the applications (XSS, CSRF, CORS...)

  • PHP/Apache/Mysql
  • Completed by 0 students

XSS and MySQL FILE Coming soon

  • Difficulty:

This exercise explains how you can use a Cross-Site Scripting vulnerability to get access to an administrator's cookies. Then how you can use his/her session to gain access to the administration to find a SQL injection and gain code execution using it.

  • PHP
  • Completed by 0 students

Brute-Force and CSRF Coming soon

  • Difficulty:

This exercise details how to do a brute-force attack and how to exploit a CSRF vulnerability

  • PHP/Apache/Mysql
  • Completed by 0 students

Cross-Origin Resource Sharing Coming soon

  • Difficulty:

This exercise covers Cross-Origin Resource Sharing and how it can be used to bypass CSRF protection if misconfigured.

  • Completed by 0 students

CVE-2018-6574: go get RCE Coming soon

  • Difficulty:

This exercise covers a remote command execution in Golang's go get command.