Brown Badge
7
Exercises
0
Completed this badge
4
CPEs
Signing Oracle
This exercise covers how a signing oracle can be used to bypass authorization in place
Difficulty: EASY- 2 videos
- Completed by 53 students
- Takes Less than an hour on average
SSRF in PDF generation Coming soon
This exercise covers how you can read abitrary files when an application generates pdf from a link you provide
Difficulty: EASY- Completed by 0 student
- Takes -- on average
JSON Web Encryption
This exercise covers how you can create your own JWE if you have access to the public key used by the se rver
Difficulty: EASY- 2 videos
- Completed by 29 students
- Takes Less than an hour on average
TBD Coming soon
TBD
Difficulty: EASY- Completed by 0 student
- Takes -- on average
Apache Pluto RCE
This exercise covers how you can gain code execution in Apache Pluto 3.0.0 due to an issue in the authorisation logic
Difficulty: EASY- Completed by 8 students
- Takes Less than an hour on average
PHP phar://
This exercise covers how the PHP phar:// handler can be used to gain code execution using PHP unserialize.
Difficulty: MEDIUM- Completed by 8 students
- Takes Less than an hour on average
Spring Actuators
This exercise covers how you can gain code execution using Spring Actuators when Spring Cloud is used.
Difficulty: MEDIUM- Completed by 6 students
- Takes Between 1 and 2 hours on average