XSLT - Code execution

30 Points

eXtensible Stylesheet Language Transformations

Author

ghozt, 16 July 2017

Level

Validations

1336 Challengers 1%

Note

103 Votes

To reach this part of the site please login

5 Solutions

Display solutions Submit a solution

Challenge Results

Pseudo	Challenge	Lang	date
Omega0x0001	XSLT - Code execution		26 June 2019 at 21:35
Bl00dy	XSLT - Code execution		25 June 2019 at 22:33
ixa	XSLT - Code execution		25 June 2019 at 19:57
zoz25	XSLT - Code execution		25 June 2019 at 12:10
irumi	XSLT - Code execution		23 June 2019 at 13:20
xiphoid	XSLT - Code execution		22 June 2019 at 19:30
AlphaTartine	XSLT - Code execution		22 June 2019 at 18:39
CLeBeR	XSLT - Code execution		22 June 2019 at 15:50
rajoul	XSLT - Code execution		22 June 2019 at 00:21
constantinje	XSLT - Code execution		21 June 2019 at 22:28

57 Challenges

Results	Challenge's Name	Validations	Number of points	Difficulty	Author	Note	Solution
	HTML - source code	49% 66497	5		g0uZ		3
	HTTP - Open redirect	16% 21676	10		Swissky		10
	HTTP - User-agent	25% 33400	10		g0uZ		10
	Weak password	36% 48441	10		g0uZ		5
	PHP - Command injection	16% 21198	10		sambecks		10
	Backup file	18% 24447	15		g0uZ		7
	HTTP - directory indexing	25% 33305	15		g0uZ		4
	HTTP - Headers	17% 22073	15		Arod		8
	HTTP - POST	10% 12609	15		Th1b4ud		10
	HTTP - Improper redirect	13% 16696	15		Arod		10
	HTTP - verb tampering	15% 20329	15		g0uZ		10
	Install files	15% 20476	15		g0uZ		2
	CRLF	10% 13031	20		g0uZ		6
	File upload - double extensions	11% 15099	20		g0uZ		8
	File upload - MIME type	9% 11615	20		g0uZ		7
	HTTP - cookies	14% 18613	20		g0uZ		7
	Directory traversal	12% 15725	25		g0uZ		3
	File upload - null byte	8% 10957	25		g0uZ		4
	PHP - assert()	5% 6085	25		Birdy42		8
	PHP - filters	8% 9670	25		g0uZ		3
	PHP - register globals	6% 8025	25		g0uZ		1
	File upload - ZIP	3% 3424	30		ghozt		3
	Command injection - Filter bypass	2% 2460	30		sambecks		6
	Java - Server-side Template Injection	4% 4411	30		righettod		3
	Local File Inclusion	9% 12349	30		g0uZ		3
	Local File Inclusion - Double encoding	5% 5826	30		zM		3
	PHP - Loose Comparison	2% 2592	30		ghozt		4
	PHP - preg_replace()	4% 4452	30		sambecks		4
	PHP - type juggling	4% 4296	30		vic		4
	Remote File Inclusion	4% 5311	30		g0uZ		8
	SQL injection - authentication	13% 17726	30		g0uZ		11
	SQL injection - authentication - GBK	3% 3615	30		dvor4x		3
	SQL injection - string	6% 8129	30		g0uZ		8
	XSLT - Code execution	1% 1336	30		ghozt		5
	LDAP injection - authentication	4% 4925	35		g0uZ		8
	NoSQL injection - authentication	3% 3596	35		mastho		7
	PHP - Path Truncation	2% 2673	35		Geluchat		3
	PHP - Serialization	3% 3424	35		Arod		2
	SQL injection - numeric	5% 6330	35		g0uZ		6
	SQL Injection - Routed	2% 1690	35		soka		5
	SQL Truncation	3% 2927	35		Geluchat		2
	XML External Entity	2% 2165	35		sambecks		2
	XPath injection - authentication	3% 3721	35		g0uZ		4
	Java - Spring Boot	1% 887	40		dvor4x		2
	Local File Inclusion - Wrappers	1% 1333	40		sambecks		4
	PHP - Eval	1% 902	40		chmod		8
	SQL injection - Error	3% 2942	40		sambecks		4
	SQL injection - Insert	1% 1267	40		sambecks		3
	SQL injection - file reading	2% 2318	40		Arod		2
	XPath injection - string	2% 1942	40		g0uZ		4
	NoSQL injection - blind	1% 1210	45		ghozt		5
	SQL injection - Time based	2% 2167	45		ycam		2
	Server Side Request Forgery	1% 384	50		sambecks		3
	SQL injection - blind	3% 3479	50		g0uZ		4
	LDAP injection - blind	2% 1429	55		g0uZ		1
	XPath injection - blind	1% 934	75		g0uZ		4
	SQL injection - filter bypass	1% 890	80		sambecks		5