Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
CVE-2022-24720
This exercise covers how one can leverage image processing in ActiveStorage to gain command execution.
|
1-2 Hr. |  |
36 | PRO |
|
|
CVE-2024-47081 | < 1 Hr. | |
26 | PRO |
|
CVE-2022-XX910
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
156 | PRO |
|
|
CVE-2022-X41X9
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
166 | PRO |
|
|
CVE-2012-5XX3
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
183 | PRO |
|
|
CVE-2023-2X8X1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
210 | PRO |
|
|
CVE-2023-30XX1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
217 | PRO |
|
|
CVE-2018-8x14
This challenge covers the review of a CVE in a Java codebase and its patch
|
2-4 Hr. | |
159 | PRO |
|
|
CVE-2014-X80X
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
200 | PRO |
|
|
SAML: CVE-2021-21239
This exercise covers the exploitation of CVE-2021-21239 (PySAML2)
|
1-2 Hr. | |
132 | PRO |
|
|
CVE-2021-22204: Exiftool RCE II
This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
|
< 1 Hr. | |
84 | PRO |
|
|
CVE-2022-39224
This exercise covers the exploitation of CVE-2022-39224
|
1-2 Hr. | |
106 | PRO |
|
|
CVE-2020-13xxx
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
682 | PRO |
|
|
CVE-2019-5x2x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
626 | PRO |
|
|
CVE-2022-26xx9
This challenge covers a vulnerable snippet in a real Java application
|
< 1 Hr. | |
635 | PRO |
|
|
CVE-2008-5x8x_ii
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
654 | PRO |
|
|
CVE-2022-21449
JWT
This exercise covers the exploitation of CVE-2022-21449 against a Java Application relying on JWT
|
< 1 Hr. | |
185 | PRO |
|
|
CVE-2021-33564 Argument Injection in Ruby Dragonfly
This exercise covers how you can get arbitrary file read using CVE-2021-33564 against Refinery CMS
|
< 1 Hr. | |
152 | PRO |
|
|
CVE-2022-21724: JDBC RCE PostgreSQL
This challenge covers how to gain code execution by leveraging a JDBC connection string with PostgreSQL
|
< 1 Hr. | |
196 | PRO |
|
|
CVE-2021-381xx
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
690 | PRO |
|
|
CVE-2021-4xx50
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
847 | PRO |
|
|
CVE-2021-40438
This challenge covers how to trigger a Server-Side Request Forgery by leveraging CVE-2021-40438
|
< 1 Hr. | |
353 | PRO |
|
|
CVE-2021-41773 II
This challenge covers how to gain code execution by leveraging CVE-2021-41773
|
1-2 Hr. | |
218 | PRO |
|
|
CVE-2020-14343: PyYAML unsafe loader
This exercise covers how you can gain code execution when an application use a vulnerable version of PyYAML and relies on load()
|
< 1 Hr. | |
345 | PRO |
|
|
CVE-2020-7115: Aruba Clearpass RCE
This exercise covers a remote command execution issue on Aruba Clearpass RCE
|
< 1 Hr. | |
225 | PRO |
|
|
Apache Pluto RCE
This exercise covers how to gain code execution on Apache Pluto 3.0.0 due to a flaw in the authorization logic
|
< 1 Hr. | |
561 | PRO |
|
|
CVE-2019-5420
This exercise details the exploitation of CVE-2019-5420 to forge a session as another user
|
2-4 Hr. | |
932 | PRO |
|
|
CVE-2018-10933: LibSSH auth bypass
This exercise covers how to bypass authentication on an SSH server based on libssh to gain a shell on the affected system
|
-- | |
0 | FREE |
|
|
CVE-2016-5386: HTTPoxy/Golang HTTProxy namespace conflict
This exercise covers the exploitation of HTTPoxy against an old version of Golang
|
< 1 Hr. | |
949 | PRO |
|
|
CVE-2018-6574: go get RCE
This exercise covers a remote command execution in Golang's go get command.
|
< 1 Hr. | |
914 | PRO |
Showing 1–30 of 39 exercises
Free Labs of the Month
