Description : SQL/NOSQL Challenge From Root-Me : Link SQL injection - Authentication - GBK Solution: #!/usr/bin/env python3 import requests session = requests.session() url = "http://chal...

Description : he University of Toronto is hosting its second inaugural Capture the Flag competition. It will be jeopardy-style, held online with categories such as Web, Pwn, Rev, Crypto, Misc, a...

Description :The C.O.P (Cult of Pickles) have started up a new web store to sell their merch. We believe that the funds are being used to carry out illicit pickle-based propaganda operations! In...

Description : A previous Root Me administrator is trying to replicate the website after being banned for sharing challenge solutions. Try to find out if he is hiding any other flags on his new w...

Description : Pilgrimage is an easy-difficulty Linux machine featuring a web application with an exposed Git repository. Analysing the underlying filesystem and source code reveals the use of a ...

Description : Sau is an Easy Difficulty Linux machine that features a Request Baskets instance that is vulnerable to Server-Side Request Forgery (SSRF) via CVE-2023-27163. Leveraging the vulnera...

Description : A classic battle for the ages. Enumerations Let’s start with a quick Nmap scan. Nmap Scan Starting Nmap 7.80 ( https://nmap.org ) at 2023-07-16 15:48 +01 Nmap scan report for 1...

Description : Now with more Cat Pictures! Enumeration Let’s begin with a rapid Nmap scan. root@Fs:.../CTFs/catpictures2# nmap -sCV -oN nmap 10.10.44.70 # Nmap 7.80 scan initiated Mon Jul 3 ...

Description : Two Million is an easy level box which was released because of the celebration of the 2 million user milestone. Nmap-scan First, let’s initiate a quick scan utilizing nmap...