Difficulty

Intermediate

Details

After a short brute force introduction, this exercice explains the tampering of rack cookie and how you can even manage to modify a signed cookie (if the secret is trivial). Using this issue, you will be able to escalate your privileges and gain commands execution.

What you will learn?

  • Rack Cookies tampering
  • Writing small web scripts in Ruby
  • Commands injection attack

Difficulty

Beginner

Details

This exercise explains how you can from a SQL injection gain access to the administration console. Then in the administration console, how you can run commands on the system. If you didn't go through From SQL injection to shell, you should start there and move to this exercise later.

What you will learn?

  • SQL injection exploitation using UNION
  • Cracking md5 hashed passwords
  • Modifying Apache behavior with .htaccess files
  • Writing a PHP webshell

Difficulty

Beginner

Details

This exercise explains how you can exploit CVE-2008-1930 to gain access to the administration interface of a Wordpress installation.

What you will learn?

  • Exploiting CVE-2008-1930
  • Cookies manipulation
  • Mis-use of signature

Difficulty

Intermediate

Details

This exercice explains the interactions between Tomcat and Apache, then it will show you how to call and attack an Axis2 Web service. Using information retrieved from this attack, you will be able to gain access to the Tomcat Manager and deploy a WebShell to gain commands execution.

What you will learn?

  • Axis2 Web service
  • Writing a WebShell in JSP (Java)
  • Attacking the Tomcat Manager

Difficulty

Beginner

Details

This exercise is a set of the most common web vulnerabilities:

What you will learn?

  • Basics of Web
  • Basics of HTTP
  • Detection of common web vulnerabilities:
  • Cross-Site Scripting
  • SQL injections
  • Directory traversal
  • Command injection
  • Code injection
  • XML attacks
  • LDAP attacks
  • File upload
  • Basics of fingerprinting

Difficulty

Advanced

Details

This exercise explains how you can exploit CVE-2012-6081 to gain code execution. This vulnerability was exploited to compromise Debian's wiki and Python documentation website

What you will learn?

  • Exploiting CVE-2012-6081
  • Basics of the tar file format
  • Python code execution

Difficulty

Intermediate

Details

This exercise explains how you can, from a blind SQL injection, gain access to the administration console. Then in the administration console, how you can run commands on the system.

What you will learn?

Blind SQL injection exploitation using time-based exploitation Gaining code execution using a PHP webshell

Difficulty

Beginner

Details

This exercise is a set of the most common web vulnerabilities:

What you will learn?

  • SQL injections
  • Authentication issues
  • Captcha issues
  • Authorization issues
  • Mass Assignment attacks
  • Randomness Issues
  • MongoDB injections

Difficulty

Beginner

Details

This exercise explains how you can tamper with an encrypted cookies to access another user's account.

What you will learn?

  • Weakness in ECB encryption
  • Cookie tampering

Difficulty

Beginner

Details

This exercise explains how you can use a Cross-Site Scripting vulnerability to get access to an administrator's cookies. Then how you can use his/her session to gain access to the administration to find a SQL injection and gain code execution using it.

What you will learn?

  • Cross-Site Scripting exploitation
  • MySQL injection with FILE privilege