0x01 Http parameter pollution HTTP Parameter Pollution (HPP) is a technique where attackers manipulate HTTP parameters to change the behavior of a web application in unintended ways. In this cha...

Intro Recently, I have participated in UMDCTF as member of F1ag dot txt, together with 1 other teammate. Due to time constraints, we only managed to solve few of them 0x01 By accessing the w...

0x01 <!DOCTYPE html> <html lang="en"> <head> <meta charset="utf-8" /> <meta name="viewport" content="width=device-width, initial-scale=1" /> <title&g...

0x01 Source code: import os from flask import Flask, render_template, session app = Flask(__name__) app.secret_key = "baby-web" FLAG = os.getenv("FLAG", r"grey{fake_flag}") @app.route("/", met...

Intro Recently I have participated in Grey Cat The Flag as a member in F1ag dot txt, and I encountered some questions which are quite interesting ( even though some of the question I did not ac...

Arp-scan Detecting the ip of the machine 192.168.0.211 08:00:27:6d:ec:17 PCS Systemtechnik GmbH Ports Starting with port scanning by using nmap Host is up (0.00100s latency). Not shown: 998 ...

Arp-scan Detecting the ip of the machine 192.168.0.209 08:00:27:76:63:4b PCS Systemtechnik GmbH Ports Starting with port scanning by using nmap 21/tcp open ftp vsftpd 3.0.5 | ftp-anon: A...

Arp-scan Detecting the ip of the machine 192.168.1.63    08:00:27:b1:ae:10       PCS Systemtechnik GmbH Ports Starting with port scanning by using nmap 22/tcp open  ssh     OpenSSH 9.0p1 Ubun...

Arp-scan Detecting the ip of the machine 192.168.1.76 08:00:27:06:e0:17 PCS Systemtechnik GmbH Ports Starting with port scanning by using nmap Host is up (0.018s latency). Not shown: 998 clos...

Arp-scan Detecting the IP of the machine 192.168.1.97 08:00:27:ee:8a:18 PCS Systemtechnik GmbH Ports Starting with port scanning by using nmap root@kali ~ [SIGINT]# nmap -sC 192.168.1.97 St...