pwn.college DOJO

In this second module we will dive into data handling, web communication, and SQL basics.

Questions and Discussions (Discord)

Chat about the content: Getting Started > #playing-with-programs
Create a forum post: Getting Started > #getting-started-forum

Introduction to Module 2

LECTURE: Module 2 Hype

Dealing with Data

Computer software communicates with each other by exchanging variously-formatted data via various communication channels. Learning about this concurrently with learning about security concepts can be overwhelming, and thus, this module tries to prepare you for the latter by covering the former.

In this module, you will learn the different ways data is reasoned about by programs. In the future, this will help you carefully craft that data to break the recipient program's security!

LECTURE: Binary Data

LECTURE: Hex

LECTURE: Text

LECTURE: Playing with Encodings

LECTURE: Base64

LECTURE: Gleaning Challenge Insight

What's the password?

... and again!

Newline Troubles

Reasoning about files

Specifying Filenames

Binary and Hex Encoding

More Hex

Decoding Hex

Decoding Practice

Encoding Practice

Hex-encoding ASCII

Nested Encoding

Hex-encoding UTF-8

UTF Mixups

Modifying Encoded Data

Decoding Base64

Encoding Base64

Dealing with Obfuscation

Dealing with Obfuscation 2

Talking Web

HTTP (Hypertext Transfer Protocol) is the lingua franca of the open Internet: the common tongue through which web applications, servers, and clients communicate. This module delves deep into the intricate skills of crafting, decoding, and manipulating HTTP requests and responses. By the end of this journey, you won't be solely reliant on your web browser to make HTTP requests on your behalf. You'll master the skills to speak directly with web servers, opening a new world of potential.

You will learn about:

Headers: Metadata fields that carry vital information about the request or response.
Paths: The specific locations or resources you're aiming to access.
Arguments: Data points that can alter or dictate the behavior of your request.
Form Data: Data transferred from web forms.
JSON: A popular data interchange format that's lightweight and human-readable.
Cookies: Small data fragments stored on the user's computer, crucial for session management and tracking.
Redirects: Methods web services use to direct your browser from one location to another.

As you push through these challenges, you won't be hacking blind:

hacker@talking-web-level-1:~$ /challenge/run
* Serving Flask app 'run'
* Debug mode: off
WARNING: This is a development server. Do not use it in a production deployment. Use a production WSGI server instead.
* Running on http://challenge.localhost:80
Press CTRL+C to quit

This output, made available through the challenge, directs you into the core of the web server's activities. Don't ignore it: the server's responses are often hints, meant to nudge you towards the right path when it is unclear.

LECTURE: Introduction

LECTURE: The Internet

LECTURE: RFC 1945

LECTURE: URLs and Encoding

LECTURE: State

LECTURE: Making HTTP Requests

Your First HTTP Request

Reading Flask

Commented Data

HTTP Metadata

HTTP (netcat)

HTTP Paths (netcat)

HTTP (curl)

HTTP (python)

HTTP Host Header (python)

HTTP Host Header (curl)

HTTP Host Header (netcat)

URL Encoding (netcat)

HTTP GET Parameters

Multiple HTTP Parameters (netcat)

Multiple HTTP Parameters (curl)

HTTP Forms

HTTP Forms (curl)

HTTP Forms (netcat)

HTTP Forms (python)

HTTP Forms Without Forms

Multiple Form Fields (curl)

Multiple Form Fields (netcat)

HTTP Redirects (netcat)

HTTP Redirects (curl)

HTTP Redirects (python)

HTTP Cookies (curl)

HTTP Cookies (netcat)

HTTP Cookies (python)

Server State (python)

Listening Web

Speaking Redirects

JavaScript Redirects

Including JavaScript

HTTP (javascript)

HTTP Get Parameters (javascript)

HTTP Forms (javascript)

SQL Playground

Modern society runs on the internet, and the internet runs on databases. Databases hold massive amounts of data on everything from your pwn.college scores (yes, we have a database!) to all of Wikipedia to less important things such as your credit score. If you can describe it, it exists in a database somewhere.

Databases come in all shapes and sizes, but arguably the most common ones, and definitely the most traditional ones, store data entries in structured tables. These Structured tables can be Queried using a specialized Languaged called the Structued Query Language, or SQL (typically pronounced like "sequel").

The (mis)use of SQL leads to all sorts of potential security issues, as we'll explore later on this platform. For now, this module will teach you (or, rather, force you to learn) SQL through a series of challenges that will expose you to the parts of the language that will become relevant later.

Welcome to the SQL playground.

LECTURE: Structured Query Language

SQL Queries

Filtering SQL

Choosing Columns

Exclusionary Filtering

Filtering Strings

Filtering on Expressions

SELECTing Expressions

Composite Conditions

Reaching Your LIMITs

Querying Metadata