Points: 15 Link: https://www.root-me.org/en/Challenges/Web-Server/HTTP-Directory-indexing Description CTRL + U… Solution Inspect the code, there is an important line <!-- include("...

Points: 20 Link: https://www.root-me.org/en/Challenges/Web-Server/HTTP-Cookies Statement Bob created a PHP script to gather user emails PS: Bob really love cookies! http://challeng...

Points: 5 Link: https://www.root-me.org/en/Challenges/Web-Server/HTML-Source-code Statement http://challenge01.root-me.org/web-serveur/ch1/ Solution View source code by browser, we wi...

Points: 20 Link: https://www.root-me.org/en/Challenges/Web-Server/File-upload-Double-extensions Statement Your goal is to hack this photo galery by uploading PHP code. Retrieve the va...

Points: 25 Link: https://www.root-me.org/en/Challenges/Web-Server/Directory-traversal Statement Find the hidden section of the photo galery. Analyzation Click on the navigate bar, the...

Points: 20 Link: https://www.root-me.org/en/Challenges/Web-Server/CRLF Statement Inject false data in the journalisation log. Analyzation We need to write to the log admin authenticat...

Points: 15 Link: https://www.root-me.org/en/Challenges/Web-Server/Backup-file Statement No clue. Solution dirsearch -u http://challenge01.root-me.org/web-serveur/ch11/ 200 - 531B ...

Points: 15 Link: https://www.root-me.org/en/Challenges/Web-Client/Javascript-Webpack Description Do you know webpack? Statement Find the password. Solution Firstly, get the page’s...

Points: 5 Link: https://www.root-me.org/en/Challenges/Web-Client/Javascript-Source Description You know javascript ? Solution Let’s visit the site’s source code: curl http://challenge...

Points: 30 Link: https://www.root-me.org/en/Challenges/Web-Client/Javascript-Obfuscation-3 Description Useful or Useless that is the question… Analyzation This is the site’s HTML code...