📕
Blog
  • 🐞Vulnerabilities & Techniques
    • Web Vulnerabilities
      • Open Redirect
      • HTTP Parameter Pollution (HPP)
      • Host Header Injection (HHI)
      • XSS
      • HTML-Injection
      • clickjacking
      • S3
      • EXternal Xml Entity (XXE)
      • XSS prevention | CSP
      • DOM-XSS
      • SQL Injection | SQLI
      • Response Manipulation Technique & How Burp Suite Works
    • API Vulnerabilities
      • Mass Assignment Vulnerability
  • 🚩CTF
    • ASCWG
  • ✍️Writeups
    • Read Writeups
      • REST API WriteUps
      • Web Vulnerabilities WriteUps
    • Technical Writeups
      • Reset Password Poisoning Via Host Header Injection Lead to (ATO)
      • OTP/2FA Bypasses
        • OTP bypasses
  • 😈TryHackMe
    • THM Advent of Cyber 3 (2021) NoSQL WriteUp
  • 🔱Web-CyberTalents
    • CyberTalents-Web-Easy
    • CyberTalents-Web-Medium
    • CyberTalents-Web-Hard
  • 🖇️Pentesting & Bug Hunting Tips
    • ATO Via Host Header Injection
    • OTP Bypass
    • OutLook Plugin Pentest Guide
  • 💻Port-Swigger Labs
    • XML external entity (XXE) injection
    • DOM-XSS
      • DOM XSS in the document.write sink using source location.search
      • Lab: DOM XSS in document.write sink using source location.search inside a select element
      • Lab: DOM XSS in innerHTML sink using source location.search
      • Lab: DOM XSS in jQuery anchor href attribute sink using location.search source
      • Lab: Reflected DOM XSS
      • Lab: Stored DOM XSS
    • SQL injection
      • Lab: SQL injection vulnerability in WHERE clause allowing retrieval of hidden data
      • Lab: SQL injection vulnerability allowing login bypass
      • Lab: SQL injection UNION attack, determining the number of columns returned by the query
      • Lab: SQL injection UNION attack, finding a column containing text
      • Lab: SQL injection UNION attack, retrieving data from other tables
      • Lab: SQL injection UNION attack, retrieving multiple values in a single column
      • Lab: SQL injection attack, querying the database type and version on Oracle
      • Lab: SQL injection attack, querying the database type and version on MySQL and Microsoft
      • Lab: SQL injection attack, listing the database contents on non-Oracle databases
  • 🛜Wireless Networks Penetration Testing
  • ⚔️Wi-Fi Attacks
    • 🕸️Network Scanning attack
    • 🌊DOS / Flooding
      • 1️⃣DoS - Frame Flooding (Deauth, EAPOL, Beacons)
      • 2️⃣DoS- Exploiting Countermeasures (MIC failure)
    • Jamming Attacks (هجمات التشويش)
    • Probe Requests Attack
    • Handshake Attacks
      • Dictionary Attack
      • Clientless Attack
      • KRACK Attack
      • Downgrad Attack
    • Rouge AP Attack
  • Lab Notes
  • RFID and NFC
  • Bluetooth
  • ZigBee
  • Google Map Test
Powered by GitBook
On this page
  • CyberTalents Practice
  • 01- share the ideas:
  • Solution:
  • 02- Dark Project:
  • Solution: HERE
  • 03- Join Team:
  • Solution:
  • 04- The Restricted Sessions:
  • Solution:
  • 05- Searching for the cookie:
  • Solution:
  • 06- who is admin:
  • Solution:
  • 07- Catch me if you can:
  • Solution: HERE
  • 08- black inc:
  • Solution:
  • 09- Owls Blog:
  • Solution: HERE
  • 10- Big Number:
  • Solution: HERE
  • 11- bypass_the_world:
  • Solution: HERE
  • 12- admin_get_first:
  • Solution: HERE
  • 13- Secret Browser :
  • Solution: HERE
  • 14- 14- inbox:
  • Solution:
  • 15- secret_blog:
  • Solution: HERE
  • 15- Hashable:
  • Solution:
  • 16- Global:
  • Solution: HERE
  • Todo:
  1. Web-CyberTalents

CyberTalents-Web-Medium

PreviousCyberTalents-Web-EasyNextCyberTalents-Web-Hard

Last updated 2 years ago

CyberTalents Practice

  • Difficulty: Medium

  • Points: 100 point

  • Category: Web Security

Solution:

Solution:

Solution:

Solution:

Solution:

Solution:

Solution:

Solution:

Solution:

Todo:

Solution:

Solution:

Solution:

Solution:

Solution:

Solution:

Solution:

Solution:

🔱
01- share the ideas:
02- Dark Project:
HERE
03- Join Team:
04- The Restricted Sessions:
05- Searching for the cookie:
06- who is admin:
07- Catch me if you can:
HERE
08- black inc:
09- Owls Blog:
HERE
10- Big Number:
HERE
11- bypass_the_world:
HERE
12- admin_get_first:
HERE
13- Secret Browser :
HERE
14- 14- inbox:
15- secret_blog:
HERE
15- Hashable:
16- Global:
HERE
The dark lord
F2Up