Web
Nolan Kuza edited this page Sep 10, 2022
The Web category involves exploiting vulnerabilities in applications that run on the world wide web. Sometimes a CTF provides you with the source code of the website's server-side code to help you find vulnerabilities, but sometimes this is not provided and you must use other methods (reading the client-side code, probing the server with crafted requests) to discover a vulnerability.
There is a wide variety of attacks that can be conducted on websites. One could send well-crafted requests, inject database queries into an insecure server, devise a malicious URL to send to another user, and much more. Many attacks will involve a combination of these techniques!
- BabyWeb on our CTFd server (beginner friendly)
- Insp3ct0r on PicoCTF (similar to BabyWeb but has a bit more) - https://jupiter.challenges.picoctf.org/problem/9670/
- dont-use-client-side (beginner friendly, illustrates the concept of client-side vs server-side well) - https://jupiter.challenges.picoctf.org/problem/17682/
- https://ctf101.org/web-exploitation/overview/ - Describes some common types of attacks
- Open the website in a program like Burp Suite
- Interact with the website as a normal user to get an idea of its purpose
- Read the client source code (View Page Source) to see how it interacts with the server and potentially find hidden information
- Read the server code (if provided) to see how the server handles requests from the client
- Try to find what the goal is (where the flag will be stored) based on source code and context
- If the challenge provides an "admin bot" website that visits any URL you give it, the goal is probably to provide a URL to the bot that makes it perform a certain action or leak certain information (such as the admin's cookie or a page only the admin can see) when visited
- Look for weak points, such as: JavaScript weirdness, weak type checks, unsanitized user input, unsanitized file paths, SQL injection, XSS
- If relevant, use Burp Suite to inspect requests you make and tweak the requests to try to get different results
- Craft an attack plan and execute it. Depending on the situation, you will either use tools like Burp Suite, write a solve script, or just carry out the attack manually.
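As an added example (not code from the original page or from any of the linked challenges), the following Python script models the last few steps above for one common weak point, SQL injection: a constructed, deliberately vulnerable login handler of the kind a challenge might ship its server code with, the solve that reading that code leads to, and the parameterised fix that defeats the same payload. The users table, the flag value and the handler names are all assumptions made up for this example; everything runs in-process against an in-memory SQLite database, so no challenge server is needed.

```python
import sqlite3

# Constructed flag for this example; a real challenge stores its own.
FLAG = "flag{constructed_example_flag}"


def make_db():
    """Build the constructed users table the challenge server would query.
    The admin password is something the player does not know."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany(
        "INSERT INTO users VALUES (?, ?)",
        [("admin", "c0rrect-horse-battery-staple"), ("guest", "guest")],
    )
    return db


def _respond(row):
    """What the server sends back; the flag is only meant for the admin."""
    if row is None:
        return "Invalid credentials"
    if row[0] == "admin":
        return FLAG
    return "Welcome, " + row[0]


def login_vulnerable(db, username, password):
    """Server-side handler as a weak challenge might ship it: the form fields
    are pasted into the SQL text, so the query's structure is attacker-controlled.
    This is the 'unsanitized user input' weak point from the checklist."""
    query = (
        "SELECT username FROM users WHERE username = '%s' AND password = '%s'"
        % (username, password)
    )
    row = db.execute(query).fetchone()
    return _respond(row)


def login_fixed(db, username, password):
    """Same handler with a parameterised query: the inputs can only ever be
    compared as values, never parsed as SQL, so the injection below fails."""
    row = db.execute(
        "SELECT username FROM users WHERE username = ? AND password = ?",
        (username, password),
    ).fetchone()
    return _respond(row)


def solve(login):
    """The attack plan once reading the server code shows string formatting:
    close the username literal after admin and comment out the password
    check with SQLite's '--' line comment. The query the server runs becomes
        ... WHERE username = 'admin'-- ' AND password = 'anything'
    and the password clause is never evaluated."""
    db = make_db()
    return login(db, "admin'-- ", "anything")


if __name__ == "__main__":
    print("normal login:          ", login_vulnerable(make_db(), "guest", "guest"))
    print("injection, vulnerable: ", solve(login_vulnerable))
    print("injection, fixed:      ", solve(login_fixed))
```

In a real challenge the `login` function would be a POST sent through Burp Suite or `requests`; the payload and the reasoning are the same, and the fixed handler is what you should expect to see on a hardened target, which is why reading the server code first (step 4 above) saves a lot of blind guessing.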