Exploit various web security vulnerabilities.
Slides:
Recorded Lectures:
11/15/23 Web Security Pt. 1:
11/20/23 Web Security Pt. 2:
11/22/23 Web Security Pt. 3:
Documentation that can help with solving these challenges:
The excellent kanak (creator of pwn.college) has recorded lectures and slides from prior CSE 365 that might be useful:
Exploit a path traversal vulnerability
Exploit a command injection vulnerability
Exploit an authentication bypass vulnerability
Exploit a structured query language injection vulnerability to login
Exploit a structured query language injection vulnerability to leak data
Exploit a structured query language injection vulnerability with an unknown database structure
Exploit a structured query language injection vulnerability to blindly leak data
Exploit a cross site scripting vulnerability
Exploit a cross site scripting vulnerability with more complicated context
Exploit a cross site scripting vulnerability to cause a user action
Exploit a cross site request forgery vulnerability
Exploit a cross site request forgery vulnerability where the request must POST
Exploit a cross site scripting vulnerability to exfilitrate user session data
Exploit a cross site scripting vulnerability to exfilitrate user data
This scoreboard reflects solves for challenges in this module after the module launched in this dojo.
Week | Month | All Time