Solving CSCBE's webchallenges

Belgian cyber security challenge

A while ago I participated in the so called Belgian cyber security challenge which offers a CTF full of realistic cyber security challenges. In this blog post I describe how I solved two of the hardest ( and most realistic ) web challenges this CTF had to offer.

Flaw in facebook text authentication leads to account hijacking

At the end of 2015 I got serious about bug bounty and set myself this goal of getting into the wall of fame of the “big four”: Apple, Microsoft, Google and Facebook. Facebook was a though nut to crack but I managed to find a little bug in their text action authentication mechanism which landed me a spot on that precious hacker wall of fame.

Stored XSS in iCloud docs authentication form

Belgian cyber security challenge

Apple is notorious for it's security so as a starting bug bounty hunter they seemed like a nice target to test where I'm at with the skillset that I have aquired over the past couple of months. They have dozens of websites and allow us, bug bounty hunters, to test their web security but they don't offer rewards. I picked the web version of the iCloud as my go to target and found a stored XSS in an authentication form for secured docs.

Remote code execution on Microsoft education

Belgian cyber security challenge

Microsoft was my starting point in bug bounty hunting. In 2016 I set this goal to get on the wall of fame of the "big four" by the end of the year. The big four for me are: Microsoft, Apple, Goolge & Facebook. After doing some basic reconaisaance i ecountered an interesting subdomain that offered a lot of functionality. The more functionality the more fun we hackers can have so I dove in and found a remote code execution. Not a bad start isn't it!