Introduction Welcome to the Cyclic Scanner Challenge! This lab is designed to mimic real-world scenarios where vulnerabilities within Android services lead to exploitable situations. Participants ...

Introduction Welcome to the Config Editor Challenge! In this lab, you’ll dive into a realistic situation involving vulnerabilities in a widely-used third-party library. Your objective is to exploi...

Description The web application development company SecureSolaCoders has created their own intranet page. The developers are still very young and inexperienced, but they ensured their boss (Magnus...

Scanning Port scanning ┌──(root㉿kali)-[/home/kali/Desktop/mailing] └─# nmap mailing.htb Starting Nmap 7.94 ( https://nmap.org ) at 2024-06-30 19:04 EDT Stats: 0:01:38 elapsed; 0 hosts ...

First, We need to edit the host’s file. echo "10.10.192.152 internal.thm" | sudo tea -a /etc/hosts Scanning Port scanning root@ip-10-10-228-42:~# nmap internal.thm Starting Nmap 7.60 ( h...

Table of Contents JWT authentication bypass via unverified signature JWT authentication bypass via flawed signature verification JWT authentication bypass via weak signing key JWT authent...

Table of Contents Excessive trust in client-side controls High-level logic vulnerability Inconsistent security controls Flawed enforcement of business rules Low-level logic flaw Incon...

Table of Contents Unprotected admin functionality Unprotected admin functionality with unpredictable URL User role controlled by request parameter User role can be modified in user profil...

Table of Contents Username enumeration via different responses 2FA simple bypass Password reset broken logic Username enumeration via subtly different responses Username enumeration via...

Table of Contents Basic SSRF against the local server Basic SSRF against another back-end system SSRF with blacklist-based input filter SSRF with filter bypass via open redirection vulner...