Hackaday Links: December 8, 2024

Hackaday Links Column Banner

For some reason, we never tire of stories highlighting critical infrastructure that’s running outdated software, and all the better if it’s running on outdated hardware. So when we learned that …read more Continue reading Hackaday Links: December 8, 2024

Unable to login to Portswigger lab website with curl or javascript [closed]

I’m studying the basics of XSRF on Portswigger and I’ve completed Lab: CSRF vulnerability with no defenses with FireFox. I attempted to go a step further by completing the same lab from the terminal. However when I send a request to the se… Continue reading Unable to login to Portswigger lab website with curl or javascript [closed]

cURL not returning status 302 after correct login for Hack the Box Machine ‘Crocodile’

cURL is returning a 200 status code after correct login. The common response code after user login should be 302. Why am I not receiving this status code? All information is provided below.
#!/usr/bin/env zsh

printf "\nsending raw re… Continue reading cURL not returning status 302 after correct login for Hack the Box Machine ‘Crocodile’

Issue uploading a file with cURL to WebSecurityAcademy Lab on PortSwigger.com

I want to solve an apprentice-level lab on PortSwigger.com focused on file upload vulnerabilities; the lab is called Remote code execution via web shell upload. The labs on PortSwigger.com encourage the use of Burp. However, while Burp is … Continue reading Issue uploading a file with cURL to WebSecurityAcademy Lab on PortSwigger.com