Solving all Web CTF tasks from NahamCon

Рет қаралды 12,628

Күн бұрын

📧 Subscribe to BBRE Premium: bbre.dev/premium
✉️ Sign up for the mailing list: bbre.dev/nl
💻 The code with POCs: bbre.dev/nahamconctfcode
📣 Follow me on twitter: bbre.dev/tw
In this video, I will solve all the challenges from the NahamCon CTF by ‪@NahamSec‬ .
The challenges were:
00:00 Jurassic Park (easy, 1667 solves, by artemis19)
02:43 EXtravagant (easy, 1056 solves, by NightWolf)
09:55 Personnel (easy, 684 solves, by ‪@_JohnHammond‬ )
17:26 Flaskmetal Alchemist (medium, 260 solves, by artemis19)
33:29 Hacker Ts (hard, 127 solves, by congon4tor)
39:55 Two For One (hard, 76 solves, by congon4tor)
50:33 Poller (hard, 36 solves, by congon4tor)
01:02:34 Deafcon (hard, 45 solves, by congon4tor)
🖥 Get $100 in credits for Digital Ocean: bbre.dev/do

Пікірлер: 24

@_JohnHammond 2 жыл бұрын

Super cool to see this -- thank you so much for showcasing all these!! ♥

@BugBountyReportsExplained 2 жыл бұрын

Thank you John for organising the awesome CTF!

@cyber-man 2 жыл бұрын

I think this walkthrough is very underrated. As always, great job :)

@jpierce2l33t 2 жыл бұрын

Thanks so much for this Greg! I'm watching right now and learning a lot!

@BugBountyReportsExplained 2 жыл бұрын

I'm glad it was helpful! I learned a lot myself

@jpierce2l33t 2 жыл бұрын

@@BugBountyReportsExplained all of your stuff is helpful my friend! Really appreciate all that you do. I've been learning a lot about penetration testing, Linux, network and application security, but I'm about to put my focus into web and bug bounty-style stuff. You've always been a great resource for that, and I thank you!

@BugBountyReportsExplained 2 жыл бұрын

@@jpierce2l33t Thank you for that. I wish you all the best, web and bug bounty-style stuff is awesome!

@jpierce2l33t 2 жыл бұрын

@@BugBountyReportsExplained yes! Plus you can get paid if successful on bug bounty 🤣. Also API security is becoming a big thing

@mpaujan21 2 жыл бұрын

Great content! Very helpful for beginner 👍

@a.for.arun_ 2 жыл бұрын

Thank you. Learned a lot

@mariesvps6072 Жыл бұрын

Thanks for this!

@pj2490 2 жыл бұрын

That is really great and helpful.

@mrwancool8648 2 жыл бұрын

i don't really like ctf's but this was very helpful

@sp3ct3r71 2 жыл бұрын

i kindly request you to prepare some bug bounty hunting beginnet level tutorials such as methodologies , tools etc.. your explanations are crystal clear😍❤🔥

@BugBountyReportsExplained 2 жыл бұрын

thank you! Sign up for BBRE newsletter - I describe a lot of cool things there ;) bbre.dev/nl

@medhasni6432 2 жыл бұрын

hey brother can you help me please,i m new and i just submitted ahost header injection repport to a company that can redirect the victim to anyother website, but it ended up as n/a saying it requires mitm setup i ve watched many poc of that bug and it was accepted. any help please?

@BugBountyReportsExplained 2 жыл бұрын

Host header injection is only exploitable if you can poison the cache with it, exploit password reset functionality, etc.

@_bergee_ 2 жыл бұрын

How can you stay at the computer the whole day? My body sends me the signal after 3,4 hours I need to take a break.

@BugBountyReportsExplained 2 жыл бұрын

Well, I usually make breaks every ~1 hour, sometimes 2 hours. But CTFs are one of these things that can suck me in to stay longer in front of the screen. Here's how it looked for these two days: bucket.mlcdn.com/a/2951/2951926/images/d79b55ad585e11e121fd1cc2d11e15890010fb49.png bucket.mlcdn.com/a/2951/2951926/images/cbb81bdc748e663f5fa8f9a3d5545cd85573d8ac.png And yes, my body felt a bit off after

@_bergee_ 2 жыл бұрын

@@BugBountyReportsExplained Yeah things you enjoy can suck you for a long time. In my twenties I remember doing all day long runs with "Smashing the stack for fun and profit", trying to learn buffer overflows, format strings etc