subfn’s playground

Let’s learn about infosec!

Posts

Htb Toy Workshop

Toy Workshop

Toy Workshop is a challenge in which we are given the source code as well as a hosted copy of a web app that we need to hack in order to find the flag.

Read More

Htb Toy Management

Toy Management

Toy Management is a challenge in which we are given the source code as well as a hosted copy of a web app that we need to hack in order to find the flag.

Read More

Htb Naughty Or Nice

Naughty or Nice

Naughty or Nice is a challenge in which we are given the source code as well as a hosted copy of a web app that we need to hack in order to find the flag.

Read More

Htb Gadget Santa

Gadget Santa

Gadget Santa is a challenge in which we are given the source code as well as a hosted copy of a web app that we need to hack in order to find the flag.

Read More

Htb Elf Directory

Elf Directory

Elf Directory is a challenge in which we are given a hosted copy of a web app that we need to hack in order to find the flag. In this challenge, we were not provided with a copy of the source code.

Read More

Attacking applications with Base64

Something you’ll come across alot when dealing with web applications in Base64. What is Base64? Base64 is an encoding scheme used to convert binary data to ASCII text allowing binary data to be transmitted over channels that don’t handle binary data well. What’s great news for bug hunters is that a lot of applications trust Base64-encoded input, giving you more opportunities for discovering vulnerabilities.

Read More

Learn bypasses, not payloads

The thing I love most about hacking is figuring out how things work. There’s something magical about feeding input into a black box and figuring out what’s happening inside based solely on its output.

Read More