Writeup Nahamcon 2021 CTF - Web Challenges

I was playing the Nahamcon 2021 Capture The Flag with my team AmpunBangJago; we finished in 4th place out of 6491 teams around the world, and that was an achievement for me. Well, my team and I were able to solve...

Open redirect -> Account Takeover on bukalapak.com

Open Redirect Open Redirect is a vulnerability where the application accepts input from the user that will be used for page navigation or a redirect in the application, and usually that input has no filter or the filter can be bypassed; the input from the user that will be used as...

HackerOne H1-2006 2020 CTF Writeup

Writeup H1-2006 CTF The Big Picture Given a web application with wildcard scope *.bountyapp.h1ctf.com, as stated on the @Hacker0x01 Twitter, the goal of the CTF is to help @martenmickos to approve May Bug Bounty payments. Short Writeup (TL;DR) Layer 1: Getting...

Writeup Secret Note Keeper (xs-leaks) Facebook CTF 2019

Writeup Secret Note Keeper (xs-leaks) Facebook CTF 2019 English We were given a website that was able to create notes, report notes and had a function to search notes; the search note function will return each note using an iframe tag,...

Writeup Hackerone 50M CTF H1 702

Writeup Hackerone 50m CTF In the first stage of this CTF we need to solve a hidden file from an image which was posted by HackerOne on Twitter https://twitter.com/hacker0x01/status/1100543680383832065?lang=en. I tried to run a bunch of steganography tools and I found something with zteg...