blueh0rse

🔵 HTB - Mongod

Mongod How many TCP ports are open on the machine? 2 Which service is running on port 27017 of the remote host? $ nmap -sV -p- <ip> ... PORT STATE SERVICE VERSION 22/tcp open ssh...

🔵 HTB - Explosion

Explosion What does the 3-letter acronym RDP stand for? Remote Desktop Protocol What is a 3-letter acronym that refers to interaction with the host through a command line interface? cli What a...

🕸️ PSA - Auth 1 - Username enumeration via different responses

Difficulty: Apprentice 🎯 Goal This lab is vulnerable to username enumeration and password brute-force attacks. It has an account with a predictable username and password. To solve the lab, enume...

🕸️ PSA - SQLi 11 - Blind SQLi with conditional responses

Difficulty: Practitioner 🎯 Goal This lab contains a blind SQLi vulnerability. The application uses a tracking cookie for analytics, and performs a SQL query containing the value of the submitted ...

🕸️ PSA - SQLi 10 - Listing contents on Oracle DB

Difficulty: Practitioner 🎯 Goal This lab contains a SQL injection vulnerability in the product category filter. The results from the query are returned in the application’s response so you can u...

🕸️ PSA - SQLi 9 - Listing contents on non-Oracle DB

Difficulty: Practitioner 🎯 Goal This lab contains a SQL injection vulnerability in the product category filter. The results from the query are returned in the application’s response so you can u...

🕸️ PSA - SQLi 8 - Querying DB type and version on MySQL and Microsoft

Difficulty: Practitioner 🎯 Goal To solve the lab, display the database version string. ✅ Solution We know it is a MySQL or Microsoft database so we will have to try different comment symbol...

🕸️ PSA - SQLi 7 - UNION attack, querying the database type and version on Oracle

Difficulty: Practitioner 🎯 Goal To solve the lab, display the Oracle database version string. ✅ Solution On Oracle, every SELECT query must use the FROM keyword and specify a valid table. T...

🕸️ PSA - SQLi 6 - UNION attack, retrieving multiple values in a single column

Difficulty: Practitioner 🎯 Goal The database contains a new table called users, with columns called username and password. To solve the lab, perform a SQL injection UNION attack that retrieves ...

🕸️ PSA - SQLi 5 - UNION attack, retrieving data from other tables

Difficulty: Practitioner 🎯 Goal The database contains a new table called users with columns username and password inside. To solve the lab, perform a SQL injection UNION attack that retrieves a...