ezzat

29th place

4800 points

Awards

Solves

Challenge	Category	Value	Time
RFI	Web Application	100
XXE	Web Application	100
SSRF	Web Application	100
REST API HTTP Methods	Web Application	100
Guessable Session ID	Web Application	100
OTP Bruteforce	Web Application	100
User Password Enumeration	Web Application	100
Client Side Validation Bypass	Web Application	100
Server Fingerprint	Web Application	100
Encoding - Hashing	Web Application	100
Login bypass	Web Application	100
Bruteforce	Web Application	100
HTML5 Controls	Web Application	100
2FA - Integrity Validation	Authentication	100
2FA - OTP Brute-Force 2	Authentication	100
2FA - OTP Brute-Force	Authentication	100
2FA - Status Code Manipulation	Authentication	100
2FA - Response Manipulation	Authentication	100
DES	Symmetric Encryption	100
BusyBox Binary	Root Detection	100
Su Exists	Root Detection	100
Su Binary	Root Detection	100
HTTPS Traffic	HTTP Traffic	100
HTTP Traffic	HTTP Traffic	100
SHA1	Hashing	100
MD5	Hashing	100
WTF Logs	Logs	100
Verbose Logs	Logs	100
Debug Logs	Logs	100
Warnings Logs	Logs	100
Error Logs	Logs	100
Informational Logs	Logs	100
File System Expose	Content Providers	100
SQL Injection	Content Providers	100
Backdoor6	Miscellaneous	100
Backdoor5	Miscellaneous	100
Backdoor4	Miscellaneous	100
Backdoor3	Miscellaneous	100
Backdoor2	Miscellaneous	100
Backdoor1	Miscellaneous	100
KeyStore	Insecure Data Storage	100
Clipboard	Insecure Data Storage	100
Activity data	Insecure Data Storage	100
Memory	Insecure Data Storage	100
External Storage	Insecure Data Storage	100
Internal Storage	Insecure Data Storage	100
Shared Preferences	Insecure Data Storage	100
SQLite Databases (Unencrypted)	Insecure Data Storage	100
Sanity Check Flag	Sanity Check	0