CTF web challenges

this repo consists of several challenge ideas for a CTF, all based around web challenges.

All can be run in docker containers, where the git and cert challenge run in the same container (docker-cert-and-git-poc).

The first challenge consists of a “sql based cookie injection”, using flask as a webserver and mysql as the database. challenge 1

The second challenge resolves around git. challenge 2

The third challenge is about authenticating with a client cert with a certain “Subject” field in the cert which the ctf players have to sign with the openly available “CA” private key! challenge 3

Copyright © 2022 Swetha Sridevi Nachimuthu


View Github