BSides Noida CTF 2021 Basic Notepad writeup
Challenge
Create a note and share with admin :eyes:
Note : Bruteforce is not required.
Articles about web security
Can you yoink an image from the admin page?
App: http://35.224.135.84:3200 Admin bot: http://35.224.135.84:3201
Laura just found a website used for monitoring security mechanisms on Rhiza's state and is planning to hack into it to forge the status of these security services. After that she will deactivate these security resources without alerting government agents. Your goal is to get into the server to change the monitoring service behavior.
Server: nc illusion.pwn2win.party 1337
The source for this corporate zero-trust multi factor login portal has been leaked! Figure out how to defeat the super-secure one time code. Service: http://corpmfa-01.play.midnightsunctf.se
A challenge page is given.
https://2019shell1.picoctf.com/problem/12273/
From the hamburger menu at the top left, go to the "Admin Login" page.
project/
│
├─ conf/
│ │
│ └─ csp.conf
│
├─ php/
│ │
│ └─ index.php
│
└─ Dockerfile
My hated friend releases a service which extracts images from a document. I want to break it to read /flag.
Storing passwords on my own server seemed unsafe, so I stored it on a separate one instead.
However, the connection between them is very slow and I have no idea why.
I made a strong WAF, so you definitely can't read the flag!
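JavaScript source code can be read as-is, so it is easily copied or reverse engineered.
Obfuscating the code does not prevent misuse completely, but it can help deter it.
This time I will introduce the settings for obfuscating JavaScript in a Nuxt.js project.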