Posts
Htb Toy Workshop
Toy Workshop
Toy Workshop is a challenge in which we are given the source code as well as a hosted copy of a web app that we need to hack in order to find the flag.
Htb Toy Management
Toy Management
Toy Management is a challenge in which we are given the source code as well as a hosted copy of a web app that we need to hack in order to find the flag.
Htb Naughty Or Nice
Naughty or Nice
Naughty or Nice is a challenge in which we are given the source code as well as a hosted copy of a web app that we need to hack in order to find the flag.
Htb Gadget Santa
Gadget Santa
Gadget Santa is a challenge in which we are given the source code as well as a hosted copy of a web app that we need to hack in order to find the flag.
Htb Elf Directory
Elf Directory
Elf Directory is a challenge in which we are given a hosted copy of a web app that we need to hack in order to find the flag. In this challenge, we were not provided with a copy of the source code.
Neat OSINT trick: Google account disclosure
Recently I discovered a little OSINT trick that lets you discover if an email address has a Google account associated with it and, if so, the address of that account.
Attacking applications with Base64
Something you’ll come across a lot when dealing with web applications is Base64. What is Base64? Base64 is an encoding scheme that converts binary data to ASCII text, allowing binary data to be transmitted over channels that don’t handle binary data well. What’s great news for bug hunters is that a lot of applications trust Base64-encoded input, giving you more opportunities for discovering vulnerabilities.
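To make the "applications trust Base64-encoded input" point concrete, here is an added example (not code from the original post) of a handler that applies its blocklist to the raw parameter and only then Base64-decodes it, beside a hardened version that decodes strictly first and escapes the decoded value. The payload, the handler names and the blocklist are constructed for illustration. It also shows a second property of lenient decoders: Python's `base64.b64decode` silently discards non-alphabet characters by default, so a filter matching the exact encoded form is defeated by sprinkling whitespace into the string, while `validate=True` rejects it.

```python
import base64
import html

# Constructed sample payload for the demonstration (not from the original post).
PAYLOAD = "<script>alert(1)</script>"


def encode(s: str) -> str:
    """Standard Base64 encoding of a UTF-8 string."""
    return base64.b64encode(s.encode("utf-8")).decode("ascii")


def with_whitespace(b64: str, every: int = 4) -> str:
    """Insert a space every few characters; lenient decoders ignore them."""
    return " ".join(b64[i:i + every] for i in range(0, len(b64), every))


def naive_filter(value: str) -> bool:
    """Blocklist applied to the raw request parameter, before any decoding.

    Returns True when the value is allowed through.
    """
    return "<script" not in value.lower()


def vulnerable_handler(param: str) -> str:
    """Filters the encoded string, then trusts whatever it decodes to.

    The blocklist never sees the decoded bytes, so any payload that is
    Base64-encoded passes straight through into the response.
    """
    if not naive_filter(param):
        return "blocked"
    decoded = base64.b64decode(param).decode("utf-8", errors="replace")
    return f"<div>{decoded}</div>"  # decoded content reaches the page unescaped


def hardened_handler(param: str) -> str:
    """Decode strictly first, then treat the decoded value as untrusted.

    validate=True makes the decoder reject anything outside the Base64
    alphabet (whitespace, line breaks, stray punctuation), and html.escape
    neutralises the decoded content before it is written into HTML.
    """
    try:
        decoded = base64.b64decode(param, validate=True).decode("utf-8")
    except (ValueError, UnicodeDecodeError):
        return "rejected"
    return f"<div>{html.escape(decoded)}</div>"


if __name__ == "__main__":
    enc = encode(PAYLOAD)
    print("encoded:           ", enc)
    print("raw payload:       ", vulnerable_handler(PAYLOAD))
    print("encoded payload:   ", vulnerable_handler(enc))
    print("spaced encoding:   ", vulnerable_handler(with_whitespace(enc)))
    print("hardened, encoded: ", hardened_handler(enc))
    print("hardened, spaced:  ", hardened_handler(with_whitespace(enc)))
```

The takeaway for testing is the order of operations: wherever an application accepts Base64, find out whether its validation runs before or after the decode, and try decoder-tolerated variants (whitespace, missing or extra padding, the URL-safe alphabet) against any filter that matches on the encoded text itself.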
Do It Yourself: Make your own payloads
In a recent post, I told everyone that instead of copying and pasting payloads they find on the web, they should learn how to make their own bypasses and create their own payloads. But, as someone pointed out to me on Twitter, I didn’t go into how you can learn to make your own payloads. I don’t know of any canonical reference for this, so I’ll just give you some of my own thoughts along with what’s worked for me.
Quick Burp tip: Using Burp without changing your OS proxy settings
Here’s a quick trick for you all.
Learn bypasses, not payloads
The thing I love most about hacking is figuring out how things work. There’s something magical about feeding input into a black box and figuring out what’s happening inside based solely on its output.
How some open redirect vulnerabilities are XSSes in disguise
One class of vulnerability that doesn’t seem to get much attention is the open redirect. In this post, I am going to give a little bit of background on open redirect vulnerabilities and describe how to parlay one into an XSS.