
Posts

Featured

NuLL_Br3aker_2020 CTF Writeup

Hi folks, we recently participated in the NuLL_Br3aker_2020 CTF, which was a jeopardy-style CTF. This is a walkthrough of the simple web challenges from the Null Breaker CTF; we are the ones who solved all the web category challenges. I came across one of the web challenges, JWT, worth 150 points (btw it is simple :-p). I would like to share my way of completing the challenge.

The challenge was named Json Web Tok3n. They gave a URL to proceed with the challenge; on accessing it through the browser, I got this:

I was like, what the heck is this?? I slowly accessed all the API endpoints through the browser. The three URLs were:

https://web-challenge-0x01.herokuapp.com/api/auth
https://web-challenge-0x01.herokuapp.com/api/notes
https://web-challenge-0x01.herokuapp.com/api/verify

When I accessed https://web-challenge-0x01.herokuapp.com/api/auth, this was the response:

OK cool, I proceeded with the other endpoints (api/notes), and below was the response:

and /api/verify:

OK, the motive is that we have to generate a JWT token to authori…

Latest posts

How I Successfully failed Facebook Interview !!!

HTML Injection in Codoforum V4.8.3

Persistent Cross-site Scripting - Admin Category Section

Stored-Cross Site Scripting in Codoforum Latest Version 4.8.3 Admin Panel

Stored Cross Site Scripting in Codoforum Latest Version v4.8.3

AFLogical OSE for Android Forensics!

Android Application penetration testing series 2

Android Application penetration testing series 1

Simple Error Based SQL Injection issue!!