moncasp

Turkey

18th place

5100 points

Awards

Solves

Challenge	Category	Value	Time
SSRF	Web Application	100
REST API HTTP Methods	Web Application	100
Guessable Session ID	Web Application	100
JWT Misconfiguration	Web Application	100
Bruteforce	Web Application	100
User Password Enumeration	Web Application	100
Client Side Validation Bypass	Web Application	100
Server Fingerprint	Web Application	100
JavaScript - Info leak	Web Application	100
Encoding - Hashing	Web Application	100
Login bypass	Web Application	100
HTML5 Controls	Web Application	100
2FA - Integrity Validation	Authentication	100
2FA - OTP Brute-Force 2	Authentication	100
2FA - OTP Brute-Force	Authentication	100
2FA - Response Manipulation	Authentication	100
Su Binary	Root Detection	100
Dangerous Props	Root Detection	100
SQL Injection	Content Providers	100
Backdoor7	Miscellaneous	100
Backdoor6	Miscellaneous	100
Backdoor5	Miscellaneous	100
Backdoor4	Miscellaneous	100
Backdoor3	Miscellaneous	100
Backdoor2	Miscellaneous	100
Backdoor1	Miscellaneous	100
QR Code	Miscellaneous	100
KeyStore	Insecure Data Storage	100
SQLite Databases (Encrypted)	Insecure Data Storage	100
Clipboard	Insecure Data Storage	100
Activity data	Insecure Data Storage	100
External Storage	Insecure Data Storage	100
Internal Storage	Insecure Data Storage	100
Shared Preferences	Insecure Data Storage	100
SQLite Databases (Unencrypted)	Insecure Data Storage	100
Caesar Cipher	Encryption	100
International mobile subscriber identity (IMSI)	Device ID	100
IMEI/ESN	Device ID	100
GPS Location	Device ID	100
Device Wi-Fi MAC	Device ID	100
SSAID/ANDROID_ID	Device ID	100
Network Operator Name	Emulator detection	100
Emulator Files Check	Emulator detection	100
Hardware Specifications	Emulator detection	100
QEmu Detection	Emulator detection	100
Sanity Check Flag	Sanity Check	0
File System Expose	Content Providers	100
RPATH	Binary Protection	100
Native Function Call	Binary Protection	100
Hardcoded Secret	Binary Protection	100
RSA	Asymmetric Encryption	100
isDebugger Connected	Anti-Debugging	100