DataBreach Challenge Writeup
The DataBreach challenge, of medium difficulty, simulates a data breach checker tool using a search engine and requires specific skills related to the OWASP Top 10. The challenge was solved by exploiting SQL injection vulnerabilities, leading to the retrieval of emails and passwords. Additionally, a base64-encoded string was decoded for further insights into the scenario.
NationalHistory Challenge Writeup
This write-up documents a challenge focused on exploiting a deserialization vulnerability within a Node.js application (CVE-2017-5941). It follows the journey of identifying and exploiting this vulnerability, starting from the initial analysis using Gobuster and git-dumper to uncover the exposed .git directory, leading to the extraction of cryptographic keys. The technical approach involves various steps, including reviewing commit history, running the site locally, integrating private keys, ana