Solving Epic Admin PWN from UTCTF 2020

Posted on Mon 09 March 2020 in CTF by 0xm4v3rick • Tagged with webappsec, sql injection, writeup, sqlmap

SQL injection involving PostgreSQL. Blind SQLi with stacked queries.



Solving Spooky Store from UTCTF 2020

Posted on Mon 09 March 2020 in CTF by 0xm4v3rick • Tagged with webappsec, XXE, writeup

XXE challenge that involved using an already available XML tag.



Introduction to Burp Suite Plugin Stepper

Posted on Mon 17 February 2020 in Tutorials by 0xm4v3rick • Tagged with webappsec, burp suite, repeater, stepper, plugin

A short introduction to the Burp Suite plugin Stepper and how it can be used to speed up testing.



Solving My Bank from HackTM CTF Quals 2020

Posted on Mon 03 February 2020 in CTF by 0xm4v3rick • Tagged with webappsec, race condition, turbo intruder, writeup

This was the fastest challenge I have solved till now. Simple race condition leading to extra money and the flag.



Solving Execute No Evil from X-MAS CTF 2019

Posted on Sat 21 December 2019 in CTF by 0xm4v3rick • Tagged with webappsec, sql injection, writeup

Execute No Evil was another challenge, simple yet a pain. Read about it here.



Solving Roboworld from X-MAS CTF 2019

Posted on Sat 21 December 2019 in CTF by 0xm4v3rick • Tagged with webappsec, auth bypass, writeup

Solving this CTF was quite fun for me. Go ahead and read about it.

