Writeup Link: Pwned Date Description Perfection is an easy Linux machine that features a web application with functionality to calculate student scores. This application is vulnerable to ...

Writeup Link: Pwned Date Description Jab is a medium-difficulty Windows machine that features an Openfire XMPP server, hosted on a Domain Controller (DC). Public registration on the XMPP ...

Writeup Link: Pwned Date Description Office is a hard-difficulty Windows machine featuring various vulnerabilities including Joomla web application abuse, PCAP analysis to identify Kerbero...

Writeup Link: Pwned Date Description Crafty is an easy-difficulty Windows machine featuring the exploitation of a Minecraft server. Enumerating the version of the server reveals that it i...

This post will showcase the write-ups for all the web challenges present in the 2024 admission CTF to join CiberSecUNI. Challenges levantamoralnumberone - Easy Description Parece como si algu...

Writeup Link: Pwned Date Description Analysis is a hard-difficulty Windows machine, featuring various vulnerabilities, focused on web applications, Active Directory (AD) privileges and pr...

WriteUp Link: Pwned Date Description Bizness is an easy Linux machine showcasing an Apache OFBiz pre-authentication, remote code execution (RCE) foothold, classified as CVE-2023-49070. The...

WriteUp Link: Pwned Date Description Monitored is a medium-difficulty Linux machine that features a Nagios instance. Credentials for the service are obtained via the SNMP protocol, which r...

Injection vulnerabilities are considered the number 3 risk in OWASP’s Top 10 Web App Risks, given their high impact and how common they are. Injection occurs when user-controlled input is misinterp...