Exercises
| Exercise | Avg. Time | Difficulty | Solved by | Tier | |
|---|---|---|---|---|---|
|
|
Cipher block chaining
Crypto
This exercise details how to tamper with data encrypted using CBC
|
1-2 Hr. | 3013 | PRO | |
|
|
Struts s2-045
This exercise covers a Remote Code Execution in Struts 2.
|
< 1 Hr. | 2837 | PRO | |
|
|
CVE-2016-2098
This exercise covers a remote code execution vulnerability in Ruby-on-Rails when using render on user-supplied data
|
< 1 Hr. | 3737 | PRO | |
|
|
CVE-2014-4511: Gitlist RCE
This exercise explains how you can exploit a vulnerability published in 2014 in Gitlist.
|
< 1 Hr. | 15 | FREE | |
|
|
ECDSA
Crypto
This exercise covers the exploitation of a weakness in the usage of ECDSA
|
2-4 Hr. | 371 | PRO | |
|
|
Werkzeug DEBUG
This challenge was written for Ruxcon CTF 2015 and cover the Debug mode of Werkzeug/Flask
|
< 1 Hr. | 1627 | PRO | |
|
|
Padding Oracle
This exercise covers an attack against CBC mode. This attack can be used to decrypt data and re-encrypt arbitrary data
|
1-2 Hr. | 855 | FREE | |
|
|
Unickle
This challenge was written for Ruxcon CTF 2015. It's an SQL injection mixed with a remote code execution.
|
1-2 Hr. | 685 | PRO | |
|
|
CVE-2015-3224
This exercise is a challenge written for Nullcon CTF in 2015
|
< 1 Hr. | 1643 | PRO | |
|
|
Luhn
This challenge was written for Ruxcon CTF 2015. It's an SQL injection with a twist
|
2-4 Hr. | 633 | PRO | |
|
|
Introduction 00
This exercise will guide you through the process of scoring on an exercise to get it marked as completed
|
< 1 Hr. | 31904 | PRO | |
|
|
Introduction 01
This exercise will guide through the process of scoring an exercise to mark it as completed
|
< 1 Hr. | 30830 | PRO | |
|
|
Introduction 02
This exercise will guide through the process of scoring an exercise to mark it as completed. Finding the key is just a little bit harder than the previous exercise.
|
< 1 Hr. | 30418 | PRO | |
|
|
Introduction 03
This exercise will guide through the process of scoring an exercise to mark it as completed. However, this time, you will run commands on the underlying operating system. You will need to run the score command with your UUID.
|
< 1 Hr. | 29720 | PRO | |
|
|
CVE-2013-0156: Rails Object Injection
This exercise covers the exploitation of a code execution in Ruby-on-Rails using XML and YAML.
|
< 1 Hr. | 4071 | PRO | |
|
|
JWT Algorithm Confusion
JWT
This exercise covers the exploitation of an issue with some implementations of JWT
|
1-2 Hr. | 3875 | PRO | |
|
|
CVE-2016-0792
This exercise covers the exploitation of an Xstream vulnerability in Jenkins
|
< 1 Hr. | 4882 | PRO | |
|
|
ObjectInputStream
This exercise covers the exploitation of a call to readObject in a Spring application
|
< 1 Hr. | 4379 | PRO | |
|
|
XMLDecoder
This exercise covers the exploitation of an application using XMLDecoder
|
< 1 Hr. | 5477 | PRO | |
|
|
CVE-2014-1266
This exercise covers how to intercept an HTTPs connection
|
1-2 Hr. | 1078 | PRO | |
|
|
CVE-2011-0228
This exercise covers how to intercept an HTTPs connection
|
1-2 Hr. | 1233 | PRO | |
|
|
Intercept 03
This exercise covers how to intercept an HTTPs connection with hostname verification.
|
< 1 Hr. | 1518 | PRO | |
|
|
Intercept 02
This exercise covers how to intercept an HTTPs connection.
|
< 1 Hr. | 1670 | PRO | |
|
|
Intercept 01
This exercise covers how to intercept an HTTP connection.
|
1-2 Hr. | 1848 | PRO | |
|
|
Struts devMode
This exercise covers how to get code execution when a Struts application is running in devMode
|
-- | 0 | PRO | |
|
|
JSON Web Token None Algorithm
JWT
This exercise covers the exploitation of a signature weakness in a JWT library.
|
< 1 Hr. | 10300 | PRO | |
|
|
Cross-Origin Resource Sharing
This exercise covers Cross-Origin Resource Sharing and how it can be used to bypass CSRF protection if it's misconfigured
|
-- | 0 | PRO | |
|
|
API to Shell
API
This exercise covers the exploitation of PHP type confusion to bypass a signature and the exploitation of unserialize.
|
2-4 Hr. | 3537 | PRO | |
|
|
Pickle Code Execution
This exercise covers the exploitation of Python's pickle when used to deserialize untrusted data
|
< 1 Hr. | 6533 | PRO | |
|
|
Play XML Entities
This exercise covers the exploitation of XML entities in the Play framework
|
1-2 Hr. | 2309 | FREE |
Showing 691–720 of 738 exercises
Free Labs of the Month