web

Web

Easy Challenges

Challenge Name	Description	Hint
apache-logs	There is suspicion that an external host was able to access a sensitive file accidentally placed in one of the company website's directories.	Which directory types should sensitive files not be placed in?
seigwards-secrets	Seigward has been storing his secrets on his website for decades. Hasn't failed him yet.	Where can you find a website's code?

Medium Challenges

Challenge Name	Description	Hint
buster	Check out my new site, it has lots of cool pages!	What do HTTP response codes actually mean?
heres-my-password	We have a list of 500 users (males, females, and pets) and one password. Log-in with the proper credentials for the flag.	This is not intended to require manual brute force. What are some other types of brute force methods?
road-not-taken	You've reached a fork in the road! Choose the right path to find your way to the flag. Start here: https://jerseyctf-road-not-taken.chals.io/	Recent CVEs may help you find your way.
flag-vault	I'm very organized. I even keep all of my flags neatly organized in a database! But, these are my flags! You don't have access to them... or do you? Start here: jerseyctf-flag-vault.chals.io	What is the most common type of database?

Hard Challenges

Challenge Name	Description	Hint
cookie-factory	Here at Granny's Old-Fashioned Home-Baked Cookie Factory, we pride ourselves on our cookies AND security being the best in the business. Start here: https://jerseyctf-cookie-factory.chals.io/	No hints.