One of the CTF challenges from TFC CTF was called “MacDonalds”. This challenge essentially asks you to find a web directory–without using a scanner like dirb–given a few hints.
There’s
OverTheWire is an educational hacking site with different “war games” meant to teach different topics (for example, Natas teaches web security).
Krypton is a short war game focused on introductory cryptography concepts.
Level
With level 33 of Natas, we are randomly back to PHP after a brief journey using Perl. This is the final level of OverTheWire’s Natas series!
This walkthrough covers how Phar deserialization
This next level of Natas is solvable using the techniques in the previous post, but this walkthrough will cover the same techniques, skipping over the read-only version of the Pinnacle Attack from “Perl
This next level of Natas is another Perl-focused one. The attack vector used is from a 2016 presentation called “Perl Jam 2“, describing a 20 year old bug. Despite (or maybe because of?