Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
CVE-2022-24720
This exercise covers how one can leverage image processing in ActiveStorage to gain command execution.
|
1-2 Hr. |  |
15 | PRO |
|
|
CVE-2024-47081 | < 1 Hr. | |
21 | PRO |
|
CVE-2022-XX910
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
128 | PRO |
|
|
CVE-2022-X41X9
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
138 | PRO |
|
|
CVE-2012-5XX3
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
155 | PRO |
|
|
CVE-2023-2X8X1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
177 | PRO |
|
|
CVE-2023-30XX1
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
184 | PRO |
|
|
CVE-2018-8x14
This challenge covers the review of a CVE in a Java codebase and its patch
|
2-4 Hr. | |
144 | PRO |
|
|
CVE-2014-X80X
This challenge covers the review of a CVE in a Java codebase and its patch
|
< 1 Hr. | |
172 | PRO |
|
|
SAML: CVE-2021-21239
This exercise covers the exploitation of CVE-2021-21239 (PySAML2)
|
1-2 Hr. | |
117 | PRO |
|
|
CVE-2021-22204: Exiftool RCE II
This exercise covers how you can gain code execution when an application uses exiftool on user-controlled files
|
< 1 Hr. | |
82 | PRO |
|
|
CVE-2022-39224
This exercise covers the exploitation of CVE-2022-39224
|
2-4 Hr. | |
98 | PRO |
|
|
CVE-2020-13xxx
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
567 | PRO |
|
|
CVE-2019-5x2x
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
521 | PRO |
|
|
CVE-2022-26xx9
This challenge covers a vulnerable snippet in a real Java application
|
< 1 Hr. | |
601 | PRO |
|
|
CVE-2008-5x8x_ii
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
544 | PRO |
|
|
CVE-2022-21449
JWT
This exercise covers the exploitation of CVE-2022-21449 against a Java Application relying on JWT
|
< 1 Hr. | |
169 | PRO |
|
|
CVE-2021-33564 Argument Injection in Ruby Dragonfly
This exercise covers how you can get arbitrary file read using CVE-2021-33564 against Refinery CMS
|
< 1 Hr. | |
149 | PRO |
|
|
CVE-2022-21724: JDBC RCE PostgreSQL
This challenge covers how to gain code execution by leveraging a JDBC connection string with PostgreSQL
|
< 1 Hr. | |
180 | PRO |
|
|
CVE-2021-381xx
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
654 | PRO |
|
|
CVE-2021-4xx50
This challenge covers the review of a CVE and its patch
|
< 1 Hr. | |
743 | PRO |
|
|
CVE-2021-40438
This challenge covers how to trigger a Server-Side Request Forgery by leveraging CVE-2021-40438
|
< 1 Hr. | |
341 | PRO |
|
|
CVE-2021-41773 II
This challenge covers how to gain code execution by leveraging CVE-2021-41773
|
1-2 Hr. | |
209 | PRO |
|
|
CVE-2020-14343: PyYAML unsafe loader
This exercise covers how you can gain code execution when an application use a vulnerable version of PyYAML and relies on load()
|
< 1 Hr. | |
316 | PRO |
|
|
CVE-2020-7115: Aruba Clearpass RCE
This exercise covers a remote command execution issue on Aruba Clearpass RCE
|
< 1 Hr. | |
220 | PRO |
|
|
Apache Pluto RCE
This exercise covers how to gain code execution on Apache Pluto 3.0.0 due to a flaw in the authorization logic
|
< 1 Hr. | |
556 | PRO |
|
|
CVE-2019-5420
This exercise details the exploitation of CVE-2019-5420 to forge a session as another user
|
2-4 Hr. | |
921 | PRO |
|
|
CVE-2018-10933: LibSSH auth bypass
This exercise covers how to bypass authentication on an SSH server based on libssh to gain a shell on the affected system
|
-- | |
0 | FREE |
|
|
CVE-2016-5386: HTTPoxy/Golang HTTProxy namespace conflict
This exercise covers the exploitation of HTTPoxy against an old version of Golang
|
< 1 Hr. | |
939 | PRO |
|
|
CVE-2018-6574: go get RCE
This exercise covers a remote command execution in Golang's go get command.
|
< 1 Hr. | |
905 | PRO |
Showing 1–30 of 39 exercises
Free Labs of the Month
