Media Badge

The media badge is our set of exercises created to teach you how to abuse applications that allows you to upload or retrieve files in different formats: PDF, Images, Videos and use this behaviour to gain code execution or arbitrary file read

20 exercises 22 videos

Exercises

SSRF in PDF generation

This exercise covers how you can read arbitrary files when an application generates pdfs from provided links
1 video
Completed by 915 students
Takes < 1 Hr. on average

Coming soon

Easy

PENTESTERLAB

ODF XXE

This exercise covers the exploitation of an XXE in an ODF Parser
Takes -- on average

Latex: --shell-escape

This exercise covers how one can leverage latex when pdflatex is used with the --shell-escape option to gain command execution.
Completed by 21 students
Takes < 1 Hr. on average
Ruby/Latex

This exercise covers how one can leverage image processing in ActiveStorage to gain command execution.
Completed by 15 students
Takes 1-2 Hrs. on average
Ruby/Rails

This exercise covers the exploitation of CVE-2022-39224
1 video
Completed by 98 students
Takes 2-4 Hrs. on average
Ruby
CWE-78

This exercise covers the exploitation of a PHP application using XSL
2 videos
Completed by 275 students
Takes < 1 Hr. on average
PHP
CWE-94,CWE-306

This exercise covers the exploitation of a PHP application using XSL
2 videos
Completed by 234 students
Takes < 1 Hr. on average
PHP
CWE-94

This exercise covers the exploitation of a vulnerability in the DOMPDF library
2 videos
Completed by 156 students
Takes < 1 Hr. on average
PHP

This exercise covers the exploitation of a PHP application using XSL
2 videos
Completed by 150 students
Takes 2-4 Hrs. on average
PHP
CWE-94

This exercise covers the exploitation of a vulnerability in the DOMPDF library
2 videos
Completed by 58 students
Takes 2-4 Hrs. on average
PHP

This exercise covers the exploitation of a Java application using XSL
2 videos
Completed by 125 students
Takes < 1 Hr. on average
Java

This exercise covers the exploitation of a vulnerability in the DOMPDF library
3 videos
Completed by 74 students
Takes 2-4 Hrs. on average
PHP

This exercise covers the exploitation of a PHP application using XSL
2 videos
Completed by 170 students
Takes < 1 Hr. on average
PHP
CWE-94

CVE-2021-33564 Argument Injection in Ruby Dragonfly

This exercise covers how you can get arbitrary file read using CVE-2021-33564 against Refinery CMS
Completed by 149 students
Takes < 1 Hr. on average
CWE-88

CVE-2021-22204: Exiftool RCE II

This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
Completed by 82 students
Takes < 1 Hr. on average
CWE-94,CWE-74

SSRF via FFMPEG

This exercise covers how you can read arbitrary files when an application uses ffmpeg to render videos from a video you provide
Completed by 255 students
Takes < 1 Hr. on average
Ruby/FFMpeg
CWE-918

This exercise covers the exploitation of a PHP application using XSL
2 videos
Completed by 117 students
Takes < 1 Hr. on average
PHP
CWE-94

CVE-2021-22204: Exiftool RCE

This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
1 video
Completed by 175 students
Takes 1-2 Hrs. on average
CWE-74

SSRF via FFMPEG II

This exercise covers how you can read arbitrary files when an application uses ffmpeg to render videos from a video you provide
Completed by 131 students
Takes < 1 Hr. on average
Ruby/FFMpeg
CWE-918

This exercise covers the automation of the exploitation of a vulnerability in the DOMPDF library
Completed by 27 students
Takes > 4 Hrs. on average
PHP