XPath injection - String

40 Points  

Forum v0.002

Author

g0uZ,  

Level  Difficulty

Validations

2043 Challengers 2%

Note  Notation

106 Votes
To reach this part of the site please login

Challenge Results Challenge Results

Pseudo Challenge Lang date
Zhack!   XPath injection - String en 5 September 2019 at 06:52
apges01   XPath injection - String en 3 September 2019 at 12:15
jayhun2   XPath injection - String en 3 September 2019 at 06:23
zero829   XPath injection - String en 3 September 2019 at 05:57
saidg4s   XPath injection - String en 31 August 2019 at 00:34
clem9669   XPath injection - String fr 29 August 2019 at 18:00
Delta9   XPath injection - String en 29 August 2019 at 10:46
Ofirma   XPath injection - String en 29 August 2019 at 10:43
Erez   XPath injection - String en 28 August 2019 at 19:32
Prinegheuls   XPath injection - String fr 28 August 2019 at 02:46

Challenges associated with this section 60 Challenges

Results Challenge's Name Validations Number of points  Explanation for the scores Difficulty  Difficulty Author Note  Notation Solution
pas_valide HTML - Source code 48% 70973 5 g0uZ 3
pas_valide HTTP - Open redirect 17% 23741 10 Swissky 10
pas_valide HTTP - User-agent 24% 35409 10 g0uZ 10
pas_valide Weak password 35% 50903 10 g0uZ 5
pas_valide PHP - Command injection 16% 22993 10 sambecks 10
pas_valide Backup file 18% 25603 15 g0uZ 7
pas_valide HTTP - Directory indexing 24% 35105 15 g0uZ 4
pas_valide HTTP - Headers 16% 23398 15 Arod 8
pas_valide HTTP - POST 10% 14466 15 Th1b4ud 10
pas_valide HTTP - Improper redirect 13% 17851 15 Arod 10
pas_valide HTTP - Verb tampering 15% 21395 15 g0uZ 10
pas_valide Install files 15% 21509 15 g0uZ 2
pas_valide CRLF 10% 13785 20 g0uZ 7
pas_valide File upload - Double extensions 11% 15886 20 g0uZ 9
pas_valide File upload - MIME type 9% 12315 20 g0uZ 8
pas_valide HTTP - Cookies 14% 19696 20 g0uZ 7
pas_valide JSON Web Token (JWT) - Introduction 1% 835 20 Knowledge 3
pas_valide Directory traversal 12% 16564 25 g0uZ 3
pas_valide File upload - Null byte 8% 11537 25 g0uZ 4
pas_valide JSON Web Token (JWT) - Weak secret 1% 547 25 Jrmbt 1
pas_valide PHP - assert() 5% 6533 25 Birdy42 8
pas_valide PHP - Filters 7% 10122 25 g0uZ 3
pas_valide PHP - register globals 6% 8464 25 g0uZ 1
pas_valide File upload - ZIP 3% 3682 30 ghozt 3
pas_valide Command injection - Filter bypass 2% 2733 30 sambecks 6
pas_valide Java - Server-side Template Injection 4% 4683 30 righettod 4
pas_valide JSON Web Token (JWT) - Public key 1% 333 30 Jrmbt 1
pas_valide Local File Inclusion 9% 12896 30 g0uZ 3
pas_valide Local File Inclusion - Double encoding 5% 6122 30 zM 3
pas_valide PHP - Loose Comparison 2% 2857 30 ghozt 4
pas_valide PHP - preg_replace() 4% 4694 30 sambecks 4
pas_valide PHP - type juggling 4% 4493 30 vic 4
pas_valide Remote File Inclusion 4% 5543 30 g0uZ 8
pas_valide SQL injection - Authentication 13% 18553 30 g0uZ 11
pas_valide SQL injection - Authentication - GBK 3% 3835 30 dvor4x 3
pas_valide SQL injection - String 6% 8531 30 g0uZ 8
pas_valide XSLT - Code execution 1% 1474 30 ghozt 5
pas_valide LDAP injection - Authentication 4% 5137 35 g0uZ 8
pas_valide NoSQL injection - Authentication 3% 3801 35 mastho 7
pas_valide PHP - Path Truncation 2% 2844 35 Geluchat 4
pas_valide PHP - Serialization 3% 3570 35 Arod 2
pas_valide SQL injection - Numeric 5% 6599 35 g0uZ 6
pas_valide SQL Injection - Routed 2% 1831 35 soka 5
pas_valide SQL Truncation 3% 3079 35 Geluchat 2
pas_valide XML External Entity 2% 2289 35 sambecks 2
pas_valide XPath injection - Authentication 3% 3855 35 g0uZ 4
pas_valide Java - Spring Boot 1% 966 40 dvor4x 2
pas_valide Local File Inclusion - Wrappers 1% 1433 40 sambecks 4
pas_valide PHP - Eval 1% 1068 40 chmod 9
pas_valide SQL injection - Error 3% 3134 40 sambecks 4
pas_valide SQL injection - Insert 1% 1347 40 sambecks 3
pas_valide SQL injection - File reading 2% 2452 40 Arod 2
pas_valide XPath injection - String 2% 2043 40 g0uZ 4
pas_valide NoSQL injection - Blind 1% 1311 45 ghozt 5
pas_valide SQL injection - Time based 2% 2278 45 ycam 2
pas_valide Server Side Request Forgery 1% 441 50 sambecks 3
pas_valide SQL injection - Blind 3% 3627 50 g0uZ 4
pas_valide LDAP injection - Blind 2% 1502 55 g0uZ 1
pas_valide XPath injection - Blind 1% 993 75 g0uZ 4
pas_valide SQL injection - Filter bypass 1% 970 80 sambecks 5