NahamCon CTF 2023: Web Challenge Walkthroughs

CryptoCat
Video walkthrough for some Web challenges from the NahamCon Capture the Flag (CTF) competition 2023 (organised by @NahamSec); Star Wars, Stickers, Hidden Figures and Obligatory. Topics covered include XSS, domPDF RCE, hidden data (misc/stego) and SSTI with WAF filter bypass. Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #NahamCon #NahamCon2023 #NahamConCTF #CTF #Pentesting #OffSec #WebSec

If you're looking for the "Marmalade 5" Web challenge, check the @intigriti channel: Cracking a JWT with MD5_HMAC Algorith... 🥰

Full write-ups for the challenges: https://github.com/Crypto-Cat/CTF/tre...

↢Social Media↣
Twitter: _CryptoCat
GitHub: https://github.com/Crypto-Cat/CTF
HackTheBox: https://app.hackthebox.eu/profile/11897
LinkedIn: cryptocat
Reddit: _CryptoCat23
YouTube: cryptocat23
Twitch: cryptocat23

↢NahamConCTF↣
https://ctf.nahamcon.com/challenges
Discord: discord

↢Resources↣
Ghidra: https://ghidra-sre.org/CheatSheet.html
Volatility: https://github.com/volatilityfoundati...
PwnTools: https://github.com/Gallopsled/pwntool...
CyberChef: https://gchq.github.io/CyberChef
DCode: https://www.dcode.fr/en
HackTricks: https://book.hacktricks.xyz/pentestin...
CTF Tools: https://github.com/apsdehal/awesome-ctf
Forensics: https://cugu.github.io/awesome-forensics
Decompile Code: https://www.decompiler.com
Run Code: https://tio.run

↢Chapters↣
0:00 Start
0:18 Star Wars (XSS)
4:07 Stickers (domPDF RCE via ttf/php polyglot)
11:45 Hidden Figures (Hidden data/embedded files)
17:55 Obligatory (SSTI + WAF)
25:26 End
Published last year, on 1402/03/28.
Viewed 12,234 times