
Oops
Challenge Description Simple URL shortener. What could go wrong? Source Code Analysis app.py (Server) http://web-oops-app:5000/ @app.route('/', methods=['GET', 'POST']) def index()...
Challenge Description I opened a contest to see who could create the most beautiful CSS styles. Feel free to submit your CSS styles to me and I will add them to my website to judge them. I’ll even...
Challenge Description XSS in Markdown fenced code block Source Code Analysis markdown.js function parseMarkdown(markdownText) { const lines = markdownText.split('\n'); let ht...
Challenge Description Improper use of parseInt leads to unexpected results Source Code Analysis app.post('/vote', async (req, res) => { const {vote} = req.body; if(typeof vote != 'num...
Challenge Description Rust is the most safest, fastest and bestest language to write web app! The code compiles, therefore it is impossible for bugs! Source Code Analysis async fn query(State(st...
Challenge Description Flask session secret key leaked Source Code Analysis import os from flask import Flask, render_template, session app = Flask(__name__) app.secret_key = "baby-web" FLAG = o...
Overview The machine begins with subdomain enumeration, discovering dev.stocker.htb, which is susceptible to a NoSQLi login bypass. Exploiting this vulnerability granted access to the cart checkou...
Overview The machine begins with a web enumeration which led to the discovery of a vulnerable version of WordPress 5.6.2 and a vulnerable plugin, Booking Press 1.0.10. The plugin Booking Press 1.0...
Overview This machine begins with web enumeration, during which /dev/.git is discovered. Since .git is exposed, we are able to view the logs and commits of the git repository, providing us with the header needed to...
Overview This machine begins with web enumeration, discovering Bludit CMS running; it is vulnerable to a brute-force protection bypass, a directory traversal, and an image upload exec vulnerability. With ce...