gu11mas

31st place

4700 points

Awards

Solves

Challenge	Category	Value	Time
SSTI	Web Application	100
S3 bucket misconfiguration	Web Application	100
JSON to XXE (Blind)	Web Application	100
Old Backup Files	Web Application	100
Review comment and Metadata	Web Application	100
RIA Cross Domain Policy	Web Application	100
Metafiles - Info Leakage	Web Application	100
Default Credentials	Web Application	100
XPATH Injection	Web Application	100
RFI	Web Application	100
Unrestricted File Upload	Web Application	100
XXE	Web Application	100
SSRF	Web Application	100
REST API HTTP Methods	Web Application	100
Guessable Session ID	Web Application	100
JWT Misconfiguration	Web Application	100
OTP Bruteforce	Web Application	100
User Password Enumeration	Web Application	100
Client Side Validation Bypass	Web Application	100
Server Fingerprint	Web Application	100
JavaScript - Info leak	Web Application	100
Bruteforce	Web Application	100
Encoding - Hashing	Web Application	100
Login bypass	Web Application	100
HTML5 Controls	Web Application	100
SHA1	Hashing	100
MD5	Hashing	100
MD4	Hashing	100
RSA	Asymmetric Encryption	100
Predictable Initialization Vector	Symmetric Encryption	100
AES	Symmetric Encryption	100
Blowfish	Symmetric Encryption	100
RC4	Symmetric Encryption	100
3DES	Symmetric Encryption	100
DES	Symmetric Encryption	100
File System Expose	Content Providers	100
WTF Logs	Logs	100
Verbose Logs	Logs	100
Debug Logs	Logs	100
Warnings Logs	Logs	100
Error Logs	Logs	100
Informational Logs	Logs	100
Sanity Check Flag	Sanity Check	0
UDP Traffic	Non-HTTP Traffic	100
TCP Traffic	Non-HTTP Traffic	100
HTTPS Traffic	HTTP Traffic	100
Insecure Direct Object Reference	Web Application	100
HTTP Traffic	HTTP Traffic	100