LFGA Web
Challenge section
Info!
Sorry I couldn't find more challenges but I'll share some interesting write ups .
Challenge 1
This a longer challenge, maybe it's going to take some time, but strive to get the answers.
OWASP Juice Shop
You'll find the OWASP Juice Shop app in tryhackme. We'll only be doing the authentication challenge, the sections that you have to do are:
- Task 1
- Task 2
- Task 3
- Task 5
Link: Juice Shop
Challenge 2
Link: PicoCTF 2018
Write Ups
Dark CTF - Category Web
There is a new concept here. Sometimes some sites or web apps use JWT web token to auhthenticate users, but if is not implemented the correct way the login or authentication process becomes very insecure.
Let's first learn what is JWT here: introduction
No let's see common vulnerabilities:
- Critical vulnerabilities in JSON Web Token libraries
- Common JWT security vulnerabilities and how to prevent them
Now that we know the theoretical part let's see the practical.
Finished!
That's all for now, authentication is a very vast topic and there are a lot of technologies to discover, but for now that will be enough, if you keep playing CTFs and reading write ups you'll get to the next level. Let's go to the next section.