Petshop Pro

November 10, 2021•136 words

HackerOne CTF - Petshop Pro

Flag 1

When you go to checkout, you submit a URL-encoded body with the post. Insert a new object in there or modify an existing one and insert a negative price to gain a flag.

Flag 2

There is a login form (found through a directory bust). There is a logic error that helps you enumerating user, as a correct username will give you a different error message. Using hydra with rockyou for usernames turns up a valid username fairly quickly. Then you can just use this username and use rockyou for passwords as well, gaining login.

Flag 3

Once you have administrative access, you can edit elements. Edit a specific one in order to obtain a stored XSS in the cart page to obtain a flag.

👍❤️🫶👏👌🤯🤔😂😍😭😢😡😮

Subscribe to the author

You'll only receive email when they publish something new.

More from emacab98
All posts

OWASP Juice Shop

November 9, 2021•3,019 words

OWASP Juice ShopThis is how I solved some of the challenges listed in the OWASP Juice Shop scoreboard, you can find the one that interests you by searching its name in the table.Error Handling (Provoke an error that is neither very gracefully nor consistently handled.)Try a URL of your choice to see if anything funny happens, some error handling practices could give you great results in terms of finding vulnerabilities. In this case, it reveals the framework AND it solves the challenge.Score Boa...

Read post

Transformation - PicoCTF

November 16, 2021•202 words

Translate the string into unicode and insert it into a variable, then treat the encryption as a mathematical function and try to obtain a reverse formula. Imagine that A and B are the characters that, when mixed as described in the challenge description, generate the first character of the encoded text. To retrieve A, just push the encoded character 8 places to the right, so to clean all values that were influenced by the value of B.To retrieve B, you now have the encoded value and A itself: wha...