XSS in PDF.js (CVE-2024-4367) - "Upload" [Akasec CTF 2024]
- Published on 2 Jul 2024
- Video walkthrough for the "Upload" web challenge from Akasec CTF 2024. The challenge involved server-side XSS (dynamic PDF) using a recent exploit (CVE-2024-4367) and SSRF! Write-ups/tutorials aimed at beginners - Hope you enjoy 🙂 #Akasec #CTF #CaptureTheFlag #Pentesting #OffSec #WebSec #AppSec
Write-ups: crypto-cat.gitbook.io/ctf-wri...
↢Social Media↣
Twitter: / _cryptocat
GitHub: github.com/Crypto-Cat/CTF
GitBook: crypto-cat.gitbook.io
HackTheBox: app.hackthebox.eu/profile/11897
LinkedIn: / cryptocat
Reddit: / _cryptocat23
YouTube: / cryptocat23
Twitch: / cryptocat23
↢Akasec CTF 2024↣
ctf.akasec.club
ctftime.org/event/2222
/ discord
/ akasec_1337
/ akasec-1337
↢Resources↣
Ghidra: ghidra-sre.org/CheatSheet.html
Volatility: github.com/volatilityfoundati...
PwnTools: github.com/Gallopsled/pwntool...
CyberChef: gchq.github.io/CyberChef
DCode: www.dcode.fr/en
HackTricks: book.hacktricks.xyz/pentestin...
CTF Tools: github.com/apsdehal/awesome-ctf
Forensics: cugu.github.io/awesome-forensics
Decompile Code: www.decompiler.com
Run Code: tio.run
↢Chapters↣
0:00 Start
0:55 Source code review
4:39 XSS (CVE-2024-4367)
10:11 SSRF
15:29 End
- Science and Technology
Love this walk through! ++🇵🇸
Great explanation of your thought process and tools used 🤖
thanks for note Palestine and respect it, big love Crypto❤
💜💜💜
thank you for the walkthrough!
great job and Freeee PS
Cool, learned something new :))
Awesome work as always my friend.
Thanks mate! 👊
The video is awesome! I've learned a lot of ideas and skills. By the way, could you please introduce the script qtunnel that you used to connect the local web service to the public network? I would like to have a useful tool like that.
Thanks! So `qtunnel` is just a bash alias which calls tunnelto (tunnelto.dev) with my specified subdomain and port, while the `webup` command is `python3 -m http.server 80`
I use tunnelto because it allows me to reuse the same address, but it has a yearly fee. Previously I just used a free alternative like ngrok (you can run `ngrok http 80` to achieve the same) or requestbin
@_CryptoCat
Thanks for your help. I learned how to use ngrok for Intranet Penetration and achieved the same results as shown in the video.
Your patient explanations were very helpful for me as a CTF beginner, thank u again!!!❤❤❤
Awesome! No problem 💜
Really cool stuff!! Free Palestine
Hello 👋🏻
Hey 👋
akasec 1337 Morocco do a great job, free Palestine
💀
☠