Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

NahamCon CTF 2023 Web Challenge Walkthroughs - XSS, RCE, and SSTI Techniques

CryptoCat via YouTube

Overview

Learn to solve web security challenges from NahamCon CTF 2023 through detailed walkthroughs covering cross-site scripting (XSS), remote code execution via domPDF, data hiding techniques, and server-side template injection with WAF bypass. Master practical cybersecurity skills by following step-by-step demonstrations of four key challenges: exploit XSS vulnerabilities in the Star Wars challenge, execute remote code through ttf/php polyglot files in Stickers, discover hidden data in the Hidden Figures challenge, and bypass web application firewalls using template injection in Obligatory. Access comprehensive write-ups and additional resources including tools like Ghidra, Volatility, PwnTools, and CyberChef to enhance your capture the flag competition skills.

Syllabus

Start
Star Wars XSS
Stickers domPDF RCE via ttf/php polyglot
Hidden Figures Hidden data/embedded files
Obligatory SSTI + WAF
End

Taught by

CryptoCat

Reviews

Start your review of NahamCon CTF 2023 Web Challenge Walkthroughs - XSS, RCE, and SSTI Techniques

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.