JRahm
Jun 01, 2022Admin
Capture the Flag!
Hey there community...are you ready to capture the flag?
We'll get the competition dates nailed down in the next week, but here are the details:
This CTF will be an individual exercise host...
Thanks JRahm et.al.! Was a great challenge indeed, have learned loads! To be honest, I was lucky that I had last week off, so could spend quite a bit of time on it.
Tools that I used; Firefox Developer tools a LOT, couple of Kali tools, though would have been good to have graphic user interface on the kali system or somewhere else inside the environment, so you get more "raw" access to Juice Shop server. I think there are a few challenges that can't be done (though I'd be happy to be proven wrong) because of the external layer. (for example the Cross-Site-Request-Forgery)
This video that was referenced was also very helpful and helped me to get started with the SQLi stuff;
Really enjoyed it though, I'll be building a Juice-Shop in my own environment soon and hopefully run some workshops with it; it's a nice blend of all kinds of different attacks and the hints help a lot to get you started.