Vulnerabilities
Start by identifying the name of the Content Management System (CMS) that is used on the site.
The flag is the name of the CMS.
This particular version of the CMS that is used on the Cynical Sysadmin Blog has a critical known vulnerability!
What is the name of the vulnerability?
Hint: To find the vulnerability, you need to find the version of the CMS. Once you have done that, you need to find the critical vulnerabilities. This vulnerability is in the top 5.
Using the provided Proof of Concept script (PoC), can you exploit the vulnerability that you identified in Armageddon 2?
The flag is located in a file at /flag on the server, and you can read it by executing the command cat /flag.
Attachment: drupalgeddon2.txt (2KB, text)
The server http://cits3projtg2.cybernemosyne.xyz:1003 is running a site for the Anti Pineapple on Pizza Society.
Can you sign up for this even though their sign up form has been disabled?
Some kid joined my Minecraft server and threatened that they were going to DDoS me using this dodgy website. In the end they just pinged my server, but I am 99% certain you can do a lot more with that website.
Can you find a vulnerability on the dodgy website and exploit it to read the flag at /flag on the server? You should be able to figure out a way to run the command cat /flag!
You need to be very quiet in the Super Quiet Library and not Inject any noise into the environment!
Can you bypass the login and view the admin page?