Idor

Published on
November 14, 2024
CAP Writeup
API-REST SQLI IDOR Linux Hacking-Club
The application has the following vulnerabilities: endpoint enumeration via FUZZ, SQL Injection, remote command execution (RCE), and privilege escalation via Linux capabilities.
Published on
November 13, 2024
iNotes Writeup
IDOR Windows Hacking-Club
This is a HackingClub championship machine where we found an IDOR that provides initial access and Privilege Escalation through XAMPP.

CAP Writeup