SheHacksKE Intervasity CTF 2023 Web Writeups On Friday the 22nd of September 2023 I had an opportunity to take part in the annual Intervasity CTF from SheHacksKE with some friends from fr334aks under the alias "Seekers". The CTF was partly online and also onsite at USIU Africa. We ended up winning 🥇, beating at least 80 other teams that had at least a single solve in the CTF.
Graph1 This was a fairly easy challenge: all that was required of us was to query the flag using the GetFlag query, which fetched the flag from the Flagtable.
Daily RoundUP I will be sharing all the handy links that I come across on a daily basis (I hope) within the week, sorted by category. 20th Sep 2023: CTF: web CTF challs. Bug Bounty: Live recon with Tomnomnom. 27th October 2023: JSONP attacks
Learn365 by Harshbothra
Context Aware Content Discovery
AuthBypass
https://medium.com/@zycc2727/ssrf-cross-site-scripting-a54422d0753e
https://shahjerry33.medium.com/xss-the-localstorage-robbery-d5fbf353c6b0
https://infosecwriteups.com/all-about-file-upload-xss-c72c797aaba3
https://t.co/fcgDlQhRcD
https://namratha-gm.medium.com/ssrf-to-local-file-read-through-html-injection-in-pdf-file-53711847cb2f
Introduction In this post we will cover the basics of XSS automation using Paramspider and kxss, applicable in pentesting and bug bounties. Prerequisites: Paramspider
kxss
What is XSS XSS (Cross-Site Scripting) is a type of security vulnerability found in web applications. It allows an attacker to inject malicious code, typically JavaScript, into a web page that is then rendered in other users' browsers. This can lead to the theft of sensitive information, such as session cookies, login credentials or personal data, and can also be used to hijack user sessions or redirect users to malicious websites. A reflected XSS bug usually starts with a request parameter whose value is echoed into the response without HTML encoding, which is exactly what tools like kxss look for.
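The check that a kxss-style scanner performs, as an added example that is not code from the original post nor from kxss or Paramspider: Paramspider's role is to collect URLs that carry parameters; the function below takes one such URL, sets every parameter to a canary wrapped around each special character, and reports which characters come back unencoded in the response. The target host, paths and the `mockFetch` stand-in for an HTTP request are constructed for this example so it runs offline.

```javascript
// Added example (not kxss's own code): a kxss-style reflection check.
// Characters such as < > " ' reflecting unencoded are what make a parameter
// worth a manual XSS attempt; a parameter that reflects the canary but
// encodes every special character is not exploitable in that sink.

const SPECIAL_CHARS = ['"', "'", '<', '>', '$', '|', '(', ')', '`', ':', ';', '{', '}'];
const CANARY = 'kxss1337'; // fixed for determinism; use a random canary when scanning

// Constructed stand-in for an HTTP fetch so the example runs offline.
// A real scanner would perform the request and return the response body.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
const escapeHtml = (s) => s.replace(/[&<>"']/g, (c) => HTML_ESCAPES[c]);

function mockFetch(url) {
  const u = new URL(url);
  if (u.pathname === '/search') {
    // `q` is interpolated into the body without encoding: a reflected XSS sink
    return `<html><body><p>Results for ${u.searchParams.get('q') ?? ''}</p></body></html>`;
  }
  if (u.pathname === '/profile') {
    // `name` is HTML-escaped before output: safe in an element-content context
    return `<html><body><h1>${escapeHtml(u.searchParams.get('name') ?? '')}</h1></body></html>`;
  }
  return '<html></html>';
}

// Returns one entry per parameter whose value is reflected at all, listing
// the special characters that survived unencoded (empty list = reflected
// but encoded). Parameters that never reflect are omitted.
function checkReflection(url, fetchFn = mockFetch) {
  const findings = [];
  const params = [...new URL(url).searchParams.keys()];
  for (const param of params) {
    const unfiltered = [];
    let reflected = false;
    for (const ch of SPECIAL_CHARS) {
      const u = new URL(url);
      const payload = CANARY + ch + CANARY;
      u.searchParams.set(param, payload); // URL-encoded on the wire, decoded server-side
      const body = fetchFn(u.toString());
      if (body.includes(CANARY)) reflected = true;
      if (body.includes(payload)) unfiltered.push(ch);
    }
    if (reflected) findings.push({ param, unfiltered });
  }
  return findings;
}

// Typical use: feed the URL list produced by Paramspider through the check.
function scanUrls(urls, fetchFn = mockFetch) {
  const report = {};
  for (const url of urls) report[url] = checkReflection(url, fetchFn);
  return report;
}

const SAMPLE_URLS = [ // constructed sample input
  'http://target.test/search?q=test',
  'http://target.test/profile?name=test&tab=1',
];
console.log(JSON.stringify(scanUrls(SAMPLE_URLS), null, 2));
```

In the constructed sample, `q` on `/search` reflects every special character unencoded, while `name` on `/profile` reflects only the characters the HTML escaper does not touch and `tab` is never reflected, so the report narrows a long Paramspider list down to the one parameter that deserves a manual payload.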
For the Wins (FTW) Below is a compilation of one-liners and other tricks for solving common issues that I come across. Installing Python2.7 on Kali Linux sudo apt install python2.7 python2.7-dev -y && curl -O https://bootstrap.pypa.io/pip/2.7/get-pip.py && sudo python2.7 get-pip.py Fixing the invalid “egg_info” command '"'"'/tmp/pip-req-build-aSU9AP/setup.py'"'"'; __file__='"'"'/tmp/pip-req-build-aSU9AP/setup.py'"'"';f=getattr(tokenize, '"'"'open'"'"', open)(__file__);code=f.read().replace('"'"'\r\n'"'"', '"'"'\n'"'"');f.close();exec(compile(code, __file__, '"'"'exec'"'"'))' egg_info --egg-base /tmp/pip-pip-egg-info-GmrXHL cwd: /tmp/pip-req-build-aSU9AP/ Complete output (10 lines): /usr/lib/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'extras_require' warnings.warn(msg) /usr/lib/python2.7/distutils/dist.py:267: UserWarning: Unknown distribution option: 'install_requires' warnings.
Prototype Pollutions 1. What is prototype pollution? 2. How does prototype pollution occur? 3. Examples of prototype pollution vulnerabilities 4. How to prevent prototype pollution 5. Conclusion
1. What is prototype pollution? To understand prototype pollution we may start by defining prototypes in JavaScript. According to the MDN docs, "Prototypes are the mechanism by which JavaScript objects inherit features from one another".
Prototype pollution is a type of vulnerability that occurs in JavaScript programs when attacker-controlled keys such as __proto__ are written into an object, so that the properties land on Object.prototype and are inherited by every object in the process; a comparable class-pollution issue has more recently been described for Python.
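How the pollution happens in practice, as an added example that is not code from the original post: a recursive merge of the kind found in many utility libraries is fed attacker-controlled JSON containing a "__proto__" key, and afterwards every plain object inherits the injected property. The hardened merge beside it blocks the dangerous keys and only recurses into own properties. The `isAdmin` property and the `demo` function are constructed for this example.

```javascript
// Added example, not the original post's code: vulnerable recursive merge,
// the pollution it enables, and a hardened merge.

// Vulnerable: recurses through every enumerable key, including an own
// property literally named "__proto__" that JSON.parse happily creates.
// target["__proto__"] resolves to Object.prototype, so the nested object
// is merged into the prototype shared by every object in the process.
function unsafeMerge(target, source) {
  for (const key in source) {
    const value = source[key];
    if (value !== null && typeof value === 'object') {
      if (target[key] === null || typeof target[key] !== 'object') target[key] = {};
      unsafeMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// Hardened: skip the keys that reach the prototype chain, iterate own keys
// only, and never recurse into an inherited property of the target.
const BLOCKED_KEYS = new Set(['__proto__', 'constructor', 'prototype']);
function safeMerge(target, source) {
  for (const key of Object.keys(source)) {
    if (BLOCKED_KEYS.has(key)) continue;
    const value = source[key];
    if (value !== null && typeof value === 'object') {
      const own = Object.prototype.hasOwnProperty.call(target, key);
      if (!own || target[key] === null || typeof target[key] !== 'object') target[key] = {};
      safeMerge(target[key], value);
    } else {
      target[key] = value;
    }
  }
  return target;
}

// A typical sink: an authorization check that trusts a property which the
// user object does not actually own. (isAdmin is constructed for the example.)
function isAdmin(user) {
  return user.isAdmin === true;
}

// Runs the attack against both merges and returns what the check saw at
// each stage, cleaning up the pollution so the process is left intact.
function demo() {
  const attackerJson = '{"__proto__": {"isAdmin": true}}'; // constructed payload
  const freshUser = () => ({ name: 'guest' });             // owns no isAdmin
  const before = isAdmin(freshUser());                      // false
  unsafeMerge({}, JSON.parse(attackerJson));
  const afterUnsafe = isAdmin(freshUser());                 // true: every object is now "admin"
  delete Object.prototype.isAdmin;                          // undo the pollution
  safeMerge({}, JSON.parse(attackerJson));
  const afterSafe = isAdmin(freshUser());                   // false: key was dropped
  return { before, afterUnsafe, afterSafe };
}

console.log(demo());
```

The same payload also works through `constructor.prototype`, which is why the block list contains more than `__proto__`. As defence in depth, `Object.freeze(Object.prototype)` at startup or building lookup objects with `Object.create(null)` stops the write even if a merge somewhere in the dependency tree is still vulnerable.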
Dangerous PHP Functions
Command Execution
exec - Returns the last line of the command's output
passthru - Passes the command's raw output directly to the browser
system - Passes the command's output directly to the browser and returns the last line
shell_exec - Returns the command's full output as a string
`` (backticks) - Same as shell_exec()
popen - Opens a read or write pipe to the process of a command
proc_open - Similar to popen() but with a greater degree of control over the pipes
pcntl_exec - Executes a program in the current process space
PHP Code Execution
Apart from eval there are other ways to execute PHP code: include/require (and include_once/require_once) evaluate the included file as PHP, so user-controlled paths lead to code execution in the form of Local File Inclusion (LFI) and Remote File Inclusion (RFI) vulnerabilities.
WebApp Security I will be using the checklist below to mark out topics already covered or otherwise: for complete tasks
for incomplete tasks
Web Security Topics for self-study: SQL Injection
Hibernate Query Language Injection
Direct OS Code Injection
XML Entity Injection
Broken Authentication and Session Management
Cross-Site Scripting (XSS)
Insecure Direct Object References
Security Misconfiguration
Sensitive Data Exposure
Missing Function Level Access Control
Cross-Site Request Forgery (CSRF)
Using Components with Known Vulnerabilities