Capture the flag (CTF)

n00bz CTF Challenge #2: Practical Website Hacking

June 23, 2015 by Infosec

In the second edition of our n00bs CTF Labs, we’ve created 13 small challenges to test your web app hacking skills. The challenges are based on common vulnerabilities (XXS, code injection, inadequate redirect functions ect.) as well as older and less frequently seen vulnerabilities such as Data Validation; Parameter Delimiter. Each level has a bounty of $100, you just need to find the flag and post your solutions online to to be entered in the contest. There are no limits to the number of entries you can submit, but entrants are only eligible to win the bounty for up to 3 levels.

As you can see in the screenshot below, switching levels is as easy as clicking the orange levels button in the top left hand corner of the screen.


If you find yourself stuck on a level you can always click the Get a Hint button for additional information and the type of vulnerability you will be solving for is located in the bottom left corner of the page.


Vulnerabilities that are in a green font are on the OWASP’s top 10 list while those in red are not.


You can access the second edition of our CTF Challenge by CLICKING HERE and additional information regarding the bounty submission requirements can be found here.

Happy Hunting!


There are many articles in our library that can help with the challenges, here are 8 particularly useful ones:

Posted: June 23, 2015
View Profile