Walkthrough of the MonitorsFour machine – web app enumeration, Cacti RCE, Docker API abuse for root

A walkthrough of exploiting SQL Injection in a login form on Infinity platform. By injecting a boolean condition and switching comment syntax from -- to `#`, we bypassed authentication and gained access to the application.

A walkthrough of exploiting Second-Order SQL Injection in an update username feature on Infinity platform. By injecting into an UPDATE query, we escalated privileges from a regular user to admin without needing to know any credentials.

A walkthrough of exploiting Boolean-based SQL Injection in a registration form on Infinity platform. By crafting true/false conditions and automating character extraction with Python, we recovered user passwords from the database.

A walkthrough of exploiting a Boolean-based SQL Injection vulnerability in a login form on Infinity platform. By injecting a true condition into the username field, we bypassed authentication without knowing any credentials.

A walkthrough of exploiting a Union-based SQL Injection vulnerability in a broken search feature on Infinity platform. By identifying the correct number of columns and injecting into a POST parameter, we successfully dumped sensitive data from the database.

A walkthrough of exploiting a Union-based SQL Injection vulnerability in a broken search feature on Infinity platform. By identifying the correct number of columns and injecting into a POST parameter, we successfully dumped sensitive data from the database.

Walkthrough of the Conversor machine – web app XSLT injection, credential cracking from SQLite, and sudo privilege escalation with needrestart.

A detailed walkthrough of the Expressway machine, covering IPsec enumeration, PSK hash cracking, and Sudo host-based privilege escalation.

PortSwigger Web Security Academy - File upload vulnerabilities labs