jam 
1153
Place
5335
Points
219
Challenges
17
Compromissions
73%
应用程序 - 脚本
595 Points24 / 33
17%
应用程序 - 系统
380 Points16 / 93
20%
裂缝
230 Points14 / 70
40%
密码分析
520 Points30 / 75
25%
法医
300 Points11 / 44
7%
编程
40 Points2 / 29
27%
现实主义者
625 Points16 / 60
47%
网络
295 Points16 / 34
43%
隐写术
150 Points10 / 23
48%
网络 - 客户端
560 Points20 / 42
- o HTML - disabled buttons
- o Javascript - Authentication
- o Javascript - Source
- o Javascript - Authentication 2
- o Javascript - Obfuscation 1
- o Javascript - Obfuscation 2
- o Javascript - Native code
- o Javascript - Webpack
- o Javascript - Obfuscation 3
- o XSS - Stored 1
- x AST - Deobfuscation
- o CSP Bypass - Inline code
- x CSP Bypass - Nonce 2
- o CSRF - 0 protection
- x Web Socket - 0 protection
- o XSS DOM Based - Introduction
- x Flash - Authentication
- x XSS DOM Based - AngularJS
- o XSS DOM Based - Eval
- o CSP Bypass - Dangling markup
- o CSP Bypass - JSONP
- o CSRF - token bypass
- o XSS - Reflected
- o CSP Bypass - Dangling markup 2
- x CSP Bypass - Nonce
- x CSS - Exfiltration
- x Javascript - Obfuscation 4
- x Relative Path Overwrite
- o XSS - Stored 2
- x XSS DOM Based - Filters Bypass
- x Self XSS - DOM Secrets
- x CSPT - The Ruler
- x DOM Clobbering
- x Javascript - Obfuscation 6
- x Self XSS - Race Condition
- x Browser - bfcache / disk cache
- x HTTP Response Splitting
- x Javascript - Obfuscation 5
- x XS Leaks
- x XSS - Stored - filter bypass
- x XSS - DOM Based
- x Same Origin Method Execution
63%
网络 - 服务器
1640 Points60 / 96
- o HTML - Source code
- o HTTP - IP restriction bypass
- o HTTP - Open redirect
- o HTTP - User-agent
- o Weak password
- o PHP - Command injection
- x API - Broken Access
- o Backup file
- o HTTP - Directory indexing
- o HTTP - Headers
- o HTTP - POST
- o HTTP - Improper redirect
- o HTTP - Verb tampering
- o Install files
- x Nginx - Alias Misconfiguration
- x Nginx - Root Location Misconfiguration
- x API - Mass Assignment
- o CRLF
- o File upload - Double extensions
- o File upload - MIME type
- x Flask - Unsecure session
- x GraphQL - Introspection
- o HTTP - Cookies
- o Insecure Code Management
- o JWT - Introduction
- x XSS - Server Side
- o Directory traversal
- o File upload - Null byte
- o JWT - Revoked token
- o JWT - Weak secret
- x JWT - Unsecure File Signature
- o PHP - assert()
- x PHP - Apache configuration
- o PHP - Filters
- o PHP - register globals
- o PHP - Remote Xdebug
- o Python - Server-side Template Injection Introduction
- o File upload - ZIP
- x Flask - Development server
- x GraphQL - Injection
- o Command injection - Filter bypass
- o Java - Server-side Template Injection
- o JWT - Public key
- x JWT - Header Injection
- o Local File Inclusion
- o Local File Inclusion - Double encoding
- x Nginx - SSRF Misconfiguration
- o Node - Eval
- o PHP - Loose Comparison
- o PHP - preg_replace()
- o PHP - type juggling
- o Remote File Inclusion
- o SQL injection - Authentication
- o SQL injection - Authentication - GBK
- o SQL injection - String
- o XSLT - Code execution
- x Elixir - EEx
- x JWT - Unsecure Key Handling
- o LDAP injection - Authentication
- x Node - Serialize
- o NoSQL injection - Authentication
- o PHP - Path Truncation
- o PHP - Serialization
- o SQL injection - Numeric
- o SQL Injection - Routed
- o SQL Truncation
- o XML External Entity
- o XPath injection - Authentication
- x Yaml - Deserialization
- x API - Broken Access 2
- x GraphQL - Backend injection
- x GraphQL - Mutation
- x Java - Spring Boot
- o Local File Inclusion - Wrappers
- o PHP - Eval
- x PHP - Eval - Advanced filters bypass
- o SQL injection - Error
- x SQL injection - Insert
- o SQL injection - File reading
- o XPath injection - String
- x File upload - Polyglot
- x NodeJS - Prototype Pollution Bypass
- o NoSQL injection - Blind
- x SQL injection - Time based
- x Java - Custom gadget deserialization
- x NodeJS - vm escape
- x Server Side Request Forgery
- o SQL injection - Blind
- x LDAP injection - Blind
- x PHP - Unserialize overflow
- x PHP - Unserialize Pop Chain
- x SQL Injection - Second Order
- x Python - dotenv
- x Python - Blind SSTI Filters Bypass
- o XPath injection - Blind
- x SQL injection - Filter bypass