Points: 30 Link: https://www.root-me.org/en/Challenges/Web-Server/Local-File-Inclusion Statement Get in the admin section. Analyzation Click the challenge’s link Nothing much to do....

Points: 20 Link: https://www.root-me.org/en/Challenges/Web-Server/JWT-Introduction Statement To validate the challenge, connect as admin. Analyzation First look, we have a login form....

Points: 15 Link: https://www.root-me.org/en/Challenges/Web-Server/Install-files Statement You know phpBB ? Solution curl -i http://challenge01.root-me.org/web-serveur/ch6/ <!-- /...

Points: 15 Link: https://www.root-me.org/en/Challenges/Web-Server/HTTP-verb-tampering Statement Bypass the security establishment. Solution Just try another method than GET/POST curl ...

Points: 10 Link: https://www.root-me.org/en/Challenges/Web-Server/HTTP-User-agent Solution Let’s visit the site’s source: curl http://challenge01.root-me.org/web-serveur/ch2/ <html> ...

Points: 15 Link: https://www.root-me.org/en/Challenges/Web-Server/HTTP-POST Statement Find a way to beat the top score! Solution curl http://challenge01.root-me.org/web-serveur/ch56/ ...

Points: 10 Link: https://www.root-me.org/en/Challenges/Web-Server/HTTP-Open-redirect Statement Find a way to make a redirection to a domain other than those showed on the web page. ht...

Points: 15 Link: https://www.root-me.org/en/Challenges/Web-Server/HTTP-Improper-redirect Statement Get access to index. Hint: Don’t trust your browser Solution curl -i http://ch...

Points: 10 Link: https://www.root-me.org/en/Challenges/Web-Server/HTTP-IP-restriction-bypass Statement Dear colleagues, We’re now managing connections to the intranet using private IP ad...

Points: 15 Link: https://www.root-me.org/en/Challenges/Web-Server/HTTP-Headers Statement Get an administrator access to the webpage. Hint HTTP response give informations Solution...