HTB Business CTF 2023 Writeup - FullPwn - Langmon
In this challenge I used a Wordpress plugin to get code execution, and a vulnerability...
2023, Jul 19 — 9 minute readIn this challenge I used a Wordpress plugin to get code execution, and a vulnerability...
2023, Jul 19 — 9 minute readI this challenge I had to find AWS credentials in an exposed S3 buckets. And...
2023, Jul 19 — 4 minute readIn this challenge, I had to exploit a NoSQL injection vulnerability in CouchDB. Very Easy...
2023, Jul 19 — 2 minute readIn this challenge I had to exploit a Java deserialization vulnerability in SnakeYaml. Easy As...
2023, Jul 19 — 3 minute readIn Socket, I exploited an SQL Injection vulnerability in a websocket to extract the database....
2023, Jul 16 — 21 minute readIn Inject, I had to exploit a file read vulnerability to extract the Maven configuration...
2023, Jul 08 — 10 minute readIn Stocker, I exploited a NoSQL Injection to login an application before using a Local...
2023, Jun 24 — 11 minute readThis was an easy machine where I exploited LFI, SQL Injection, and some insecure configurations....
2023, Jun 10 — 15 minute readThis was a really fun machine where I exploited a Local File Inclusion (LFI) vulnerability...
2023, Jun 04 — 15 minute readThis track was really fun. It started by a simple web exploit, and continued with...
2023, May 22 — 13 minute readIn this challenge, we were given three Git repositories to clone. Each had a different...
2023, May 22 — 7 minute readThe Hackademy contains web challenges for beginners. This year, I realized I had writeups for...
2023, May 22 — 5 minute readThis was a simple steganography challenge. I had to extract a 7-zip archive from an...
2023, May 22 — 4 minute readThis challenge was about solving a CAPTCHA that used a predicable value to seed its...
2023, May 22 — 3 minute readIn this machine, I had to exploit a vulnerability in a web application that converts...
2023, May 21 — 11 minute read