CHALLENGE DESCRIPTION SOLUTION We can see the SQLite from the hint, try to login, and we see this. We need to add comment at password to bypass the username using ' or 1=1 --

CHALLENGE DESCRIPTION SOLUTION Analyze the files they gave us, and look into the server.js We can see that they use MongoDB and Json, search it and we have the payload for nosql.

CHALLENGE DESCRIPTION SOLUTION Using “BurpSuite” to intercept the web, and we can see that when that bot moves, it send the eval to us, let change it.

CHALLENGE DESCRIPTION SOLUTION From the hint, we can guess that the flag will be in the deepest folder, so we need to find those folders. We can see the folder of image Look into the header t...

CHALLENGE DESCRIPTION SOLUTION I have tried lots of things like XSS, SSTI, SQLi, but nothing happend. So I do research, and try dynamic functions in Python. getattr(__import__('subprocess'), 'ge...

CHALLENGE DESCRIPTION SOLUTION WebNet0 Open wireshark, go to the tab: Edit > Preferences > Protocols > TLS then add RSA key list We will see some new HTTP packets, follow them and we h...

CHALLENGE DESCRIPTION SOLUTION After trying some zsteg, exiftool, binwalk, steghide, strings,... and have nothing useful. Let see its content in hex by hexeditor or cyberchef We can see PK, it...

CHALLENGE DESCRIPTION SOLUTION m00nwalk 1 Read hints and do research, we see Apolo use slow-scan tv (sstv). Install tools sudo apt install qsstv && sudo apt install pavucontrol -y run q...

CHALLENGE DESCRIPTION SOLUTION Use Statistics > Protocol Hierarchy to analyze numbers and types of protocol. We can see that lots of UDP here, follow one of them and we can see the stream, wh...

CHALLENGE DESCRIPTION SOLUTION We try to see the file, but there is something inside but we can not see. We search for space character ` ` in the file, and we see that it’s not only space, but ...