The Cyber Defenders Discovery Camp 2015 is an introductory computer security workshop slash competition targeted at students at the JC and IHL levels. This i...
Server-side request forgery in a PDF page printer service in PHP leading to disclosure of secrets in a server-side PHP source code.
Type juggling in PHP’s weak comparison operator (==) allows an attacker to generate passwords to an administrator account and bypass the original MD5 hashing...
Use of the X-Forwarded-For header allows an attacker to fake country of origin to collect flags.
Use the Boneh-Durfee attack on low private exponents to recover the original two prime factors comprising the private key and decrypt an encrypted flag.
Recover the IV of an AES operation by utilising imperfect knowledge of the key and encrypted output.
Fake a valid cake object containing arbitrary ingredients to a bakery service by modifying decompiled Java bytecode and resigning the JAR with spoofed creden...
A troll challenge that required you to transcribe a melody on a hidden area of the website.