Self-Improvement

GraphQL CTF Writeup collection 본문

Web

GraphQL CTF Writeup collection

JoGeun 2021. 12. 28. 14:28

HactivityCon 2021 CTF - All Broken (SQLi)

https://kinako-mochimochi.hatenablog.com/entry/2021/09/19/160351#OPA-SecretsSSRF-136-solves

 

HactivityCon 2021 CTF Web challenge writeup - きなこもち。

I participated in HacktivityCon CTF 2021 that held on September 16, 1:30 PM PST - September 18, 1:30 PM PST. This is my writeup.(Web challenge only!) Medium All Baked Up(SQLi via GraphQL, 114 solves) Recon Solution Integrity(OS command injection, 256 solve

kinako-mochimochi.hatenablog.com

 

HackTheBox Business CTF 2021 - NoteQL (Logical)

https://medium.com/@b0rn2r00t/hackthebox-business-ctf-2021-b99312210d44

 

HackTheBox Business CTF 2021

Web Challenges writeup

medium.com

 

SEC-T CTF - Dark Market (Logical)

https://ctftime.org/writeup/7475

 

CTFtime.org / SEC-T CTF / Dark market / Writeup

## Dark Market ### Challenge ``` Dark market - Web (300 + 0) You need to up your game before you go dumpster diving again, they'll trace you like THAT, man! Buy a subway defense system at defense.alieni.se:3002. Service: http://defense.alieni.se:3002/ ```

ctftime.org

 

VolgaCTF 2020 - web-library (SQLi)

https://github.com/empty-jack/ctf-writeups/blob/master/VolgaCTF-2020/web-library.md

 

GitHub - empty-jack/ctf-writeups

Contribute to empty-jack/ctf-writeups development by creating an account on GitHub.

github.com

 

DarkCON CTF - DarkCON Challs (SQLi)

https://blog.ssrf.kr/44

 

DarkCON CTF web Writeup - DarkCON Challs

1. graphql injection 2. union sql injection get admin password { allUsers{ username password } } login - admin:is_this_visible_to_you? { Challs{ id title description category author points flag{ ch..

blog.ssrf.kr

 

Hack.lu 2020 CTF - Confessions (Logical, sha256)

https://dev.to/evilcel3ri/hack-lu-2020-ctf-write-up-confessions-3ac9

 

Hack.lu 2020 CTF write up: Confessions

Description Someone confessed their dirtiest secret on this new website: https://confessio...

dev.to

 

Misc CTF - GraphQL Injection (Logical)

https://hg8.sh/posts/misc-ctf/graphql-injection/

 

Misc CTF - GraphQL Injection

GraphQL is becoming more and more common nowadays and this challenge was the perfect way to digg into the subject and understand the flaws we can find there. Tl;Dr: After understanding the app is maki

hg8.sh

 

GrimmCon CTF - Fruitify (Logical)

https://y4y.space/2021/01/03/two-easy-problems-from-grimmcon-ctf/

 

Two easy problems from GrimmCon CTF

Competition Info The website seems permanent down. Fruitify (Web) Description Come grab a tasty freshly made juice, they are delicious Solution Based on the title, I originally thought it’s g…

y4y.space

 

0x41414141 CTF - graphed 2.0 (SQLi)

https://blog.natem135.com/posts/x41414141-2020/

 

x41414141 CTF Writeup

Blockchain-focused CTF, hosted by Offshift

blog.natem135.com

 

MetaCTF - Looking Inwards (Logical)

https://qiita.com/daihi_t/items/46f7ddbfee7d8abbab6e

 

MetaCTF Web Writeup - Qiita

GraphQL問が面白かったのでWriteupを残します。 Looking Inwards 問題 It's always fun to take a moment of introspection, in this case n...

qiita.com

 

'Web' 카테고리의 다른 글

[Hacker101] BugDB v3 Writeup (GraphQL, Flask)  (0) 2021.12.28
[Hacker101] BugDB v2 Writeup (GraphQL)  (0) 2021.12.28
[Hacker101] BugDB v1 Writeup (GraphQL)  (0) 2021.12.28
PUT 메소드 취약점 공략  (0) 2019.08.26
쿠키와 세션2  (0) 2019.08.26
'Web' Related Articles more