Posts
Muhammad Adel
Cancel

Unrestricted File Upload Leads to SSRF and RCE

Introduction Peace be upon you all, I am going to share with you a vulnerability that I have found almost a year ago and it is remarkable for me because it was the first critical one for me anyway ...

I owe your Request | HTTP Request Smuggling leads to Full Accounts takeover

Introduction Peace be upon you all, this is actually my first writeup which going to be about a very interesting vulnerability, HTTP Request Smuggling, which I found in a private program which I wa...

Cybertalents Space Web Challenge Writeup

Description you might need some space XD. Difficulty: Hard Challenge Link: http://3.126.138.80/catch/http://ec2-35-158-236-11.eu-central-1.compute.amazonaws.com/space/ Solution Exploring Open...

Cybertalents catchMomen Web Challenge Writeup

Description Don’t Try To 3scape From Your Destiny ! Difficulty: Medium Challenge Link: http://3.126.138.80/catch/ Solution Exploring It seems like a normal website for a company. there is on...

Hackerone BugDB challenge Writeup

Peace be upon all of you, on this writeup I am going to cover the solutions of three challenges on Hacekrone related to GraphQL, they have three parts under the name BugDB v1/3. Difficulty: Easy a...

Cybertalents Crashed Machine Writeup

Description Get The highest privilege on the machine and find the flag! Difficulty: Hard Target IP: 3.122.178.169 Target IP: 18.193.129.237 ‌Challenge Link: https://cybertalents.com/challenges...

Cybertalents Shadower Machine Writeup

Description Get The highest privilege on the machine and find the flag! Target IP: 35.156.4.248 Challenge Link: https://cybertalents.com/challenges/machines/shadower User Nmap PORT STATE SE...

Cybertalents String highlighter Web Challenge Writeup

Description Flag is hidden somewhere in the directory. Difficulty: Hard Challenge Link: https://cybertalents.com/challenges/web/string-highlighter ‌ Solution Exploring From the name of the cha...

Cybertalents Wrong Token Web Challenge Writeup

Description Request to the flag is forbidden due to wrong CSRF token … can you fix it and reveal the flag Difficulty: hard Challenge Link: https://cybertalents.com/challenges/web/wrong-token So...

Cybertalents F2UP Web Challenge Writeup

Description this is the most secure way to file upload is it ? Difficulty: Medium Challenge Link: https://cybertalents.com/challenges/web/f2up Solution Exploring When open the challenge you w...