HackmyVM: WhitedoorIn this blog I will solve the easiest machine whitedoor from hackmyvm.4d ago4d ago
Solving Portswigger Academy: CSRF where token is not tied to user sessionThis lab’s email change functionality is vulnerable to CSRF. It uses tokens to try to prevent CSRF attacks, but they aren’t integrated into…Oct 16, 2024Oct 16, 2024
Solving Portswigger Academy: CSRF where token validation depends on token being presentThis lab’s email change functionality is vulnerable to CSRF.Oct 15, 2024Oct 15, 2024
Solving Portswigger Academy: CSRF where token validation depends on request methodThis lab’s email change functionality is vulnerable to CSRF. It attempts to block CSRF attacks, but only applies defenses to certain types…Oct 15, 2024Oct 15, 2024
Solving Portswigger Academy: CSRF vulnerability with no defensesThis lab’s email change functionality is vulnerable to CSRF.Oct 14, 2024Oct 14, 2024
Solving Portswigger Academy: Exploiting XSS to perform CSRFThis lab contains a stored XSS vulnerability in the blog comments function. To solve the lab, exploit the vulnerability to perform a CSRF…Oct 13, 2024Oct 13, 2024
Solving Portswigger Academy: Exploiting cross-site scripting to capture passwordsThis lab contains a stored XSS vulnerability in the blog comments function. A simulated victim user views all comments after they are…Oct 13, 2024Oct 13, 2024