BugCrowd’s LevelupCTF 0x07 walkthrough

LevelupCTF is a seven-flag CTF. It contains vulnerabilities ranging from information disclosure to remote code execution. Each flag provides hints towards the next flag. The CTF consists of a wide range of challenges, which makes it a great learning exercise as well. Below are the vulnerabilities and their impacts that I have found: Sensitive Data Exposure – P4 Broken


OVERTHEWIRE NATAS SERIES: 17 – 18 LEVEL Walkthrough

OverTheWire Natas level 17-18 is about blind SQL injection. To make the level more complicated, no output is displayed. Let’s dive into the level: If you look at the code below, it is simple code which takes the username and checks for its existence in the table users, but no output is displayed! This


OVERTHEWIRE NATAS SERIES: 16 – 17 LEVEL Walkthrough

The walkthrough for the last level is available at this link: http://www.anonhack.in/2018/09/overthewire-natas-series-15-16-level-walkthrough/ This level is a little bit similar to the last level. Here we have to perform a command injection. Let’s have a look at the source code of this level: See the highlighted text in the code above. The $key variable is the one carrying our


OVERTHEWIRE NATAS SERIES: 15 – 16 LEVEL Walkthrough

If you want to see level 14-15, follow this link: http://www.anonhack.in/2018/09/overthewire-natas-series-14-15-levels/ Level 15-16 is also based on SQL injection, but here we have to work with the boolean-based SQL injection technique. Let me show you how: This is what the screen looks like: I put “natas16” as the user here and it turns out

python

Bruteforcing FTP using ftplib: Hacking with Python

This article will guide you on how to bruteforce FTP using the ftplib library in Python. I have already posted an article on a script to check for anonymous FTP. FTP is the File Transfer Protocol, which is used to upload/download files from server to client. It works on port 21. ftplib provides many features to Python
