Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
CVE-2019-5420
This exercise details the exploitation of CVE-2019-5420 to forge a session as another user
|
2-4 Hr. |  |
921 | PRO |
|
|
Gogs RCE II
This exercise covers how to get code execution against the Git self hosted tool: Gogs.
|
< 1 Hr. |  |
609 | PRO |
|
|
Gogs RCE
This exercise covers how to get code execution against the Git self hosted tool: Gogs.
|
1-2 Hr. | |
681 | PRO |
|
|
CVE-2018-10933: LibSSH auth bypass
This exercise covers how to bypass authentication on an SSH server based on libssh to gain a shell on the affected system
|
-- | |
0 | FREE |
|
|
CVE-2018-11235: Git Submodule RCE
This exercise details the exploitation of a vulnerability in Git Sub
module that can be used to get command execution
|
2-4 Hr. | |
526 | PRO |
|
|
CVE-2016-5386: HTTPoxy/Golang HTTProxy namespace conflict
This exercise covers the exploitation of HTTPoxy against an old version of Golang
|
< 1 Hr. | |
939 | PRO |
|
|
CVE-2018-6574: go get RCE
This exercise covers a remote command execution in Golang's go get command.
|
< 1 Hr. | |
905 | PRO |
|
|
CVE-2018-0114
JWT
This exercise details
the exploitation of a vulnerability in Cisco's node-jose, a JavaScript library created to manage JWT
|
2-4 Hr. | |
1905 | PRO |
|
|
CVE-2016-10033: PHPMailer RCE
This exercise covers a remote code execution vulnerability in PHPMailer
|
< 1 Hr. | |
3801 | PRO |
|
|
CVE-2016-2098
This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data
|
< 1 Hr. | |
3714 | PRO |
|
|
CVE-2014-4511: Gitlist RCE
This exercise explains how you can exploit a vulnerability published in 2014 in Gitlist.
|
< 1 Hr. | |
13 | FREE |
|
|
CVE-2015-3224
This exercise is a challenge written for Nullcon CTF in 2015
|
< 1 Hr. | |
1632 | PRO |
|
|
CVE-2013-0156: Rails Object Injection
This exercise covers the exploitation of a code execution in Ruby-on-Rails using XML and YAML.
|
< 1 Hr. | |
4022 | PRO |
|
|
CVE-2016-0792
This exercise covers the exploitation of an Xstream vulnerability in Jenkins
|
< 1 Hr. | |
4860 | PRO |
|
|
CVE-2014-6271/Shellshock
This exercise covers the exploitation of a Bash vulnerability through a CGI.
|
< 1 Hr. |  |
9066 | FREE |
|
|
CVE-2007-1860: mod_jk double-decoding
This exercise covers the exploitation of CVE-2007-1860. This vulnerability allows an attacker to gain access to inaccessible pages using crafted requests. This is a common trick that a lot of testers miss.
|
1-2 Hr. | |
6176 | FREE |
|
|
CVE-2012-6081: MoinMoin code execution
This exercise explains how you can exploit CVE-2012-6081 to gain code execution. This vulnerability was exploited to compromise Debian's wiki and Python documentation website
|
-- | |
0 | FREE |
|
|
CVE-2008-1930: WordPress Cookie Integrity Flaw
This exercise explains how you can exploit CVE-2008-1930 to gain access to the administration interface of a Wordpress installation.
|
< 1 Hr. | |
26 | FREE |
|
|
CVE-2012-2661: ActiveRecord SQL injection
This exercise explains how you can exploit CVE-2012-2661 to retrieve information from a database
|
-- | |
0 | FREE |
|
|
CVE-2012-1823: PHP CGI
This exercise explains how you can exploit CVE-2012-1823 to retrieve the source code of an application and gain code execution.
|
-- | |
1 | FREE |
Showing 151–170 of 170 exercises
Free Labs of the Month
