LFGA Web

Challenge section

Info!

Sorry, I couldn't find more challenges, but I'll share some interesting write ups.


Challenge 1

This is a longer challenge and it may take some time, but strive to get the answers.

OWASP Juice Shop

You'll find the OWASP Juice Shop app on TryHackMe. We'll only be doing the authentication challenge; the sections that you have to do are:

Link: Juice Shop


Challenge 2

Link: PicoCTF 2018


Write Ups

Dark CTF - Category Web

There is a new concept here. Some sites and web apps use JSON Web Tokens (JWT) to authenticate users, but if JWT is not implemented correctly, the login or authentication process becomes very insecure.

Let's first learn what JWT is here: introduction

Now let's see common vulnerabilities:

Now that we know the theoretical part let's see the practical.

Finished!

That's all for now. Authentication is a very vast topic and there are a lot of technologies to discover, but this will be enough for now. If you keep playing CTFs and reading write ups, you'll get to the next level. Let's go to the next section.