XML Attack

Read server files through XML entity injection

/start xxe

Total Solves

13m 34s

Avg Solve Time

First Blood Claimed

31s

Record Time

// FIRST BLOOD

「 ✦ Rimuru ✦ 」 🩸

cracked in 1m 43s

// TOP 10 FASTEST

#1 khan 31s

#2 r 43s

#3 Kael 51s

#4 n23 55s

#5 Ray 1m 4s

#6 #Run21ner ⚡ 1m 10s

#7 User 0755 1m 25s

#8 「 ✦ Rimuru ✦ 」 1m 43s

#9 7gL_h 1m 51s

#10 harpy 1m 51s

// RELATED · Intermediate TIER

Command Injection

WEB+SSH Chain OS commands through a web interface

★★☆☆☆

Database Bypass

WEB+SSH Bypass authentication with SQL injection

★★☆☆☆

Malicious Upload

WEB+SSH Upload a web shell past file filters

★★☆☆☆

Path Traversal

WEB+SSH Traverse directories to read sensitive files

★★☆☆☆

Script Kiddie

WEB+SSH Inject JavaScript to steal credentials

★★☆☆☆

Vault Cracker

WEB+SSH Decode layered encoding to crack a vault

★★☆☆☆

Spawn this box.
Capture the flag.

Join the Discord and type /start xxe to spin up your own container.

join discord → sign in with discord

XML Attack

// FIRST BLOOD

// TOP 10 FASTEST

// RELATED · Intermediate TIER

Spawn this box.Capture the flag.

Spawn this box.
Capture the flag.