Posts

[Hone Your Ninja Skill] Data is Golden: Your Profile Data

We pentesters focus way too much on the technical aspects of a vulnerability. Advanced attackers are goal-driven and objective-based. They set a goal and identify which attack vectors can give them access to the golden data they are targeting. In this challenge series, you will do whatever you can to steal data in an unauthorised or unintended way.

http://honeyourskills.ninja/target/golden_data/

[Hone Your Ninja Skill] Blacklist filter bypass : No HTML tags allowed

Mission: Achieve arbitrary script execution when submitting the form.
http://honeyourskills.ninja/target/xss/challenges/no-html-tags-allowed.php

How to reduce risk of XSS while allowing html tags

1. Allow a limited set of HTML tags:

  'a'
  'em'
  'strong'
  'cite'
  'code'
  'ul'
  'ol'
  'li'
  'dl'
  'dt'
  'dd'

Refer to the way Drupal does it in filter_xss: https://api.drupal.org/api/drupal/modules%21filter%21filter.module/function/filter_xss/6.x



2. Remove all script event handlers (onload/onerror/on[a-z]{1,10}=) and src-based payloads (src=javascript:alert()) when storing product information.


on[a-z]{1,10}=

javascript:

data:
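
The two steps above combined in one parser-based sanitiser, as an added example (not code from the original post or from Drupal). Instead of regex-stripping `on[a-z]{1,10}=`, it drops every attribute except `href` on `a` and checks the URL scheme against an allowlist; the kept attribute, the `SAFE_SCHEMES` set and the function names are assumptions.

```python
import re
from html import escape
from html.parser import HTMLParser

# Tag allowlist from step 1 above.
ALLOWED_TAGS = {"a", "em", "strong", "cite", "code",
                "ul", "ol", "li", "dl", "dt", "dd"}
# Assumption (not from the page): href on <a> is the only attribute kept,
# and only when relative or using one of these schemes.
SAFE_SCHEMES = {"", "http", "https", "mailto"}


def safe_url(value):
    # Normalise before checking: drop whitespace and control characters,
    # then compare the scheme case-insensitively against the allowlist.
    cleaned = re.sub(r"[\x00-\x20\x7f]", "", value)
    match = re.match(r"([A-Za-z][A-Za-z0-9+.\-]*):", cleaned)
    scheme = match.group(1).lower() if match else ""
    return scheme in SAFE_SCHEMES


class AllowlistSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []

    def handle_starttag(self, tag, attrs):
        if tag not in ALLOWED_TAGS:
            return  # tag is dropped; its text is still emitted, escaped
        kept = ""
        for name, value in attrs:
            # on* handlers, src, style and the rest never reach the output.
            if tag == "a" and name == "href" and value and safe_url(value):
                kept = ' href="%s"' % escape(value, quote=True)
        self.out.append("<%s%s>" % (tag, kept))

    def handle_endtag(self, tag):
        if tag in ALLOWED_TAGS:
            self.out.append("</%s>" % tag)

    def handle_data(self, data):
        self.out.append(escape(data, quote=False))


def sanitize(html_text):
    parser = AllowlistSanitizer()
    parser.feed(html_text)
    parser.close()  # flush buffered text
    return "".join(parser.out)
```

Because the parser decodes character references in attribute values before `safe_url` runs, the scheme check sees the same string the browser would, which a regex over the raw input does not.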

[Hone Your Ninja Skill] Think Beyond - Tweets Display

http://honeyourskills.ninja/target/beyond/?url=display-tweets.php

In this complex world, where applications are massively interconnected and make the best use of one another's data, an attack can come from every angle if you don't think beyond.

[Hone Your Ninja Skill] Think Beyond - Dig online

In this complex world, where applications are massively interconnected and make the best use of one another's data, an attack can come from every angle if you don't think beyond.

https://honeyourskills.ninja/target/beyond/?url=dig-online.php

[Hone Your Ninja Skill] Whitelist filter bypass ("URL")

http://honeyourskills.ninja/target/data_restriction/?url=whitelist-filter-bypass-url.php

In input validation, the whitelisting approach is said to be better than the blacklisting one. Yet a non-robust whitelist implementation can still allow an attacker to bypass your defense.

[Hone Your Ninja Skill] Simple Tactical XSS Filter Bypass

Mission: Achieve script execution when submitting the form.
Hint: It is simple. Just a matter of tactics, techniques, and procedures.

http://honeyourskills.ninja/target/simple-tactical-xss-filter-bypass.php