Teams


- The Exploitables

    "Exploiting as a way of life"



# Flag Box
1 Score Board Miscellaneous
2 DOM XSS XSS
3 Bonus Payload XSS
4 Privacy Policy Miscellaneous
5 Repetitive Registration Improper Input Validation
6 Empty User Registration Improper Input Validation
7 Password Strength Broken Authentication
8 Login Admin Injection
9 Admin Section Broken Access Control
10 Five-Star Feedback Broken Access Control
11 Login Jim Injection
12 Login Bender Injection
13 Mass Dispel Miscellaneous
14 Deluxe Fraud Improper Input Validation
15 Database Schema Injection
16 User Credentials Injection
17 Confidential Document Sensitive Data Exposure
18 Forgotten Sales Backup Sensitive Data Exposure
19 Forgotten Developer Backup Sensitive Data Exposure
20 Poison Null Byte Improper Input Validation
21 Misplaced Signature File Sensitive Data Exposure
22 Easter Egg Broken Access Control
23 Nested Easter Egg Cryptographic Issues
24 Forged Coupon Cryptographic Issues
25 Login Support Team Security Misconfiguration

#2 - mike

    "mike"



# Flag Box
1 Score Board Miscellaneous
2 DOM XSS XSS
3 Error Handling Security Misconfiguration
4 Bonus Payload XSS
5 Privacy Policy Miscellaneous
6 Password Strength Broken Authentication
7 Login Admin Injection
8 Forged Feedback Broken Access Control
9 Forged Review Broken Access Control
10 View Basket Broken Access Control
11 Exposed Metrics Sensitive Data Exposure
12 Confidential Document Sensitive Data Exposure
13 Login Jim Injection
14 Login Bender Injection
15 Visual Geo Stalking Sensitive Data Exposure
16 CAPTCHA Bypass Broken Anti Automation
17 Meta Geo Stalking Sensitive Data Exposure
18 Christmas Special Injection
19 Zero Stars Improper Input Validation
20 Repetitive Registration Improper Input Validation
21 Forgotten Sales Backup Sensitive Data Exposure
22 Poison Null Byte Improper Input Validation
23 Admin Section Broken Access Control

#3 - Javatafel

    "gogogo"



# Flag Box
1 Error Handling Security Misconfiguration
2 Score Board Miscellaneous
3 DOM XSS XSS
4 Login Admin Injection
5 Login Bender Injection
6 Login Jim Injection
7 Privacy Policy Miscellaneous
8 Bonus Payload XSS
9 Exposed Metrics Sensitive Data Exposure
10 Zero Stars Improper Input Validation
11 Visual Geo Stalking Sensitive Data Exposure
12 Password Strength Broken Authentication
13 Confidential Document Sensitive Data Exposure
14 Reset Bender's Password Broken Authentication
15 Admin Registration Improper Input Validation
16 Admin Section Broken Access Control
17 Five-Star Feedback Broken Access Control
18 Repetitive Registration Improper Input Validation
19 Meta Geo Stalking Sensitive Data Exposure
20 Forged Feedback Broken Access Control
21 View Basket Broken Access Control
22 Empty User Registration Improper Input Validation
23 Outdated Allowlist Unvalidated Redirects

#4 - Jordy

    "Jo Jo Jo"



# Flag Box
1 Login Admin Injection
2 Error Handling Security Misconfiguration
3 Score Board Miscellaneous
4 Bonus Payload XSS
5 DOM XSS XSS
6 Password Strength Broken Authentication
7 Privacy Policy Miscellaneous
8 Bully Chatbot Miscellaneous
9 Weird Crypto Cryptographic Issues
10 Exposed Metrics Sensitive Data Exposure
11 Security Policy Miscellaneous
12 User Credentials Injection
13 Login Jim Injection
14 Login Bender Injection
15 Database Schema Injection
16 Ephemeral Accountant Injection
17 Confidential Document Sensitive Data Exposure
18 Nested Easter Egg Cryptographic Issues

#5 - LastTeam



# Flag Box
1 Score Board Miscellaneous
2 Repetitive Registration Improper Input Validation
3 Error Handling Security Misconfiguration
4 Login Bender Injection
5 Zero Stars Improper Input Validation
6 Empty User Registration Improper Input Validation
7 Privacy Policy Miscellaneous
8 Bully Chatbot Miscellaneous
9 Login Admin Injection
10 Exposed Metrics Sensitive Data Exposure
11 Reset Jim's Password Broken Authentication
12 Login Amy Sensitive Data Exposure
13 Password Strength Broken Authentication
14 Admin Section Broken Access Control
15 Confidential Document Sensitive Data Exposure

#6 - Team1

    "1"



# Flag Box
1 Score Board Miscellaneous
2 DOM XSS XSS
3 Bonus Payload XSS
4 Privacy Policy Miscellaneous
5 Login Admin Injection
6 Password Strength Broken Authentication
7 View Basket Broken Access Control
8 Login Jim Injection
9 Login Bender Injection
10 Forged Feedback Broken Access Control

#7 - 2gp1b



# Flag Box
1 DOM XSS XSS
2 Bonus Payload XSS
3 Repetitive Registration Improper Input Validation
4 Score Board Miscellaneous
5 Error Handling Security Misconfiguration
6 Zero Stars Improper Input Validation
7 Empty User Registration Improper Input Validation
8 Login Admin Injection
9 Password Strength Broken Authentication
10 Confidential Document Sensitive Data Exposure
11 Exposed Metrics Sensitive Data Exposure
12 Admin Section Broken Access Control
13 Five-Star Feedback Broken Access Control
14 Outdated Allowlist Unvalidated Redirects

#8 - abiyan2024



# Flag Box
1 Score Board Miscellaneous
2 DOM XSS XSS
3 Bonus Payload XSS
4 Privacy Policy Miscellaneous
5 Login Admin Injection
6 Password Strength Broken Authentication
7 View Basket Broken Access Control

#9 - Team Awesome

    "Stay Awesome"



No flags captured yet.


#10 - International



No flags captured yet.


#11 - Team

    "eewa"



No flags captured yet.