Media Badge

6 Exercises
Easy image for SSRF in PDF generation

SSRF in PDF generation

  • This exercise covers how you can read arbitrary files when an application generates pdf from a link you provide
  • 1 video
  • Completed by 440 students
  • Takes Less than an hour on average
Medium image for SSRF via FFMPEG

SSRF via FFMPEG

  • This exercise covers how you can read abitrary files when an application use ffmpeg to render videos from a video you provide
  • Completed by 64 students
  • Takes Between 1 and 2 hours on average
  • Ruby/FFMpeg
Coming soon
Medium image for CVE-2021-33564 Argument Injection in Ruby Dragonfly

CVE-2021-33564 Argument Injection in Ruby Dragonfly

  • This exercise covers how you can get arbitrary file read using CVE-2021-33564 against Refinery CMS
  • Takes -- on average
Hard image for SSRF via FFMPEG II

SSRF via FFMPEG II

  • This exercise covers how you can read abitrary files when an application use ffmpeg to render videos from a video you provide
  • Completed by 22 students
  • Takes Less than an hour on average
  • Ruby/FFMpeg
Hard image for CVE-2021-22204: Exiftool RCE

CVE-2021-22204: Exiftool RCE

  • This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
  • Completed by 34 students
  • Takes Less than an hour on average
Coming soon
Hard image for CVE-2021-22204: Exiftool RCE II

CVE-2021-22204: Exiftool RCE II

  • This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
  • Takes -- on average