CySCA2015 - Web Application Pentest
The initiative believe their intranet web site is secure due to them using all of the wellness advice that they provide to enterprises. However they are big believers in 'trust but verify' and would like you to verify that the website is secure. You can find the website at http://www.ecwi.cysca
- In Plain Sight - There is a flag hidden on the login page, can you find it?
- Bots Dream of Electric Flags - Sometimes you have to look a bit harder to find information, what else can you check?
- The Eagle Has Landed - Welcome to the ECWI, time to activate your Intranet account!
- Love Letters - Break the encryption used by the internal mail system to find another flag.
- Business Excellence - Gain access to the CVO's executive account on ECWI's Intranet site.
- Turn It On & Off Again - Find a way to gain access to the IT administration portal at support.ecwi.cysca
- Terminal Situation - Your destiny, and the final flag, await you inside this terminal.
- files/ - Category files
- writeups/ - Category writeups