Month: November 2020

  • HackFest 2020

    HackFest 2020

    Incredibly Savage Book Nerd This comic book was mint before this… FLAG: HF-1-200-26505-X978-1-200-26505-5 My favorite book list is RUINED (125) FLAG NOT FOUND The Twelve Labours of Web Coding (dax & Brainmoustache) VASE #1 https://03ca31fb-2981-4b2a-b9de-370b9ce86c2f.webcoding.hfctf.org/robots.txt https://03ca31fb-2981-4b2a-b9de-370b9ce86c2f.webcoding.hfctf.org/dev/.git/HEAD https://03ca31fb-2981-4b2a-b9de-370b9ce86c2f.webcoding.hfctf.org/dev/.git/logs/HEAD FLAG NOT FOUND VASE #2 – Herd the cattle of Geryon Sensitive information in Git commit history This…

  • Bypass Client-Side Validation

  • Client-Side Template Injection

    Client-side template injection vulnerabilities arise when applications using a client-side template framework dynamically embed user input in web pages. When rendering a page, the framework scans it for template expressions and executes any that it encounters. An attacker can exploit this by supplying a malicious template expression that launches a Cross Site Scripting (XSS) attack.

  • Firewalla

    How to access Firewalla using SSH? Connect using SSH Default username: pi, NOT root