[Writeup] Split second

description : Split this shit http://web2.ctf.nullcon.net:8081/ Initial steps When we first opened the website, we were presented with a static page that shows a GIF but on viewing the source code there was an ajax request being sent var xhttp = new XMLHttpRequest(); xhttp.onreadystatechange = function() { if (this.readyState == Read more…

[Writeup] Pickle Store

Challenge: After I went bankrupt running my cookie store i decided to improve my security and start a pickle store. Turns out pickles are way more profitable! http://13.48.133.116:50000 By visiting the url we get the shop page By clicking buy to examine the request, we’ve found a base64 encoded cookie: Read more…