Jun 7, 2022 · 4 min read · Cache Key Injection (Expert) This lab contains multiple independent vulnerabilities, including cache key injection. A user regularly visits this site's home page using Chrome. To solve the lab, combine the vulnerabilities to execute alert(1) in the ...
Join discussion
May 17, 2022 · 10 min read · Introduction to OAuth 2.0 Framework OAuth is a commonly used authorization framework that enables websites and web applications to request limited access to a user's account on another application. Crucially, OAuth allows the user to grant this acc...
Join discussion
May 10, 2022 · 6 min read · Remote code execution via web shell upload (Apprentice) This lab contains a vulnerable image upload function. It doesn't perform any validation on the files users upload before storing them on the server's filesystem. If the web server allows to ...
Join discussion
Mar 18, 2022 · 3 min read · Overview This level introduces us to the following concept(s): Arithmetic underflows/overflows Usage of SafeMath library (and pragma solidity ^0.8.0) unchecked keyword in Solidity GitHub Repository available at: https://github.com/0xEval/ethernaut-...
Join discussion
Mar 11, 2022 · 3 min read · Overview This level introduces us to the following concept(s): Differences between msg.sender and tx.origin Phishing in Web 3.0 GitHub Repository available at: https://github.com/0xEval/ethernaut-x-foundry Objective To complete the challenge, we wi...
Join discussion
