Media Badge

• This exercise covers how you can read arbitrary files when an application generates pdf from a link you provide
• 1 video
• Completed by 627 students
• Takes Less than an hour on average

• This exercise covers the exploitation of a PHP application using XSL
• Completed by 16 students
• Takes Less than an hour on average
• PHP

XSL PHP II

• This exercise covers the exploitation of a PHP application using XSL
• Takes -- on average
• PHP

DOMPDF RCE

• This exercise covers the exploitation of a vulnerability in the DOMPDF library
• Takes -- on average
• PHP

XSL PHP III

• This exercise covers the exploitation of a PHP application using XSL
• Takes -- on average
• PHP

XSL PHP IV

• This exercise covers the exploitation of a PHP application using XSL
• Takes -- on average
• PHP

DOMPDF RCE II

• This exercise covers the exploitation of a vulnerability in the DOMPDF library
• Takes -- on average
• PHP

• This exercise covers how you can read abitrary files when an application use ffmpeg to render videos from a video you provide
• Completed by 152 students
• Takes Between 1 and 2 hours on average
• Ruby/FFMpeg

• This exercise covers how you can get arbitrary file read using CVE-2021-33564 against Refinery CMS
• Completed by 52 students
• Takes Less than an hour on average

• This exercise covers how you can read abitrary files when an application use ffmpeg to render videos from a video you provide
• Completed by 76 students
• Takes Between 1 and 2 hours on average
• Ruby/FFMpeg

• This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
• 1 video
• Completed by 96 students
• Takes Between 1 and 2 hours on average

CVE-2021-22204: Exiftool RCE II

• This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
• Takes -- on average